CVE-2023-0551: REST API TO MiniProgram WordPress Plugin - Authenticated Arbitrary Attachment Deletion
The WordPress ecosystem provides a plethora of plugins that make it easier for website developers to implement new features and increase functionality. One such plugin
CVE-2023-38999 - OPNsense System Halt API CSRF Vulnerability Leads to DoS Attacks
---
A recent security update has uncovered a Cross-Site Request Forgery (CSRF) vulnerability in the System Halt API (/system/halt) of OPNsense, a widely used
CVE-2023-3414 - Jenkins Plug-in for ServiceNow DevOps Vulnerability: Cross-Site Request Forgery Exposes Sensitive Information
In recent years, cybersecurity has become a top priority for individuals and organizations all across the globe. With a rise in cyber-attacks and the exposure
CVE-2023-39156 - Jenkins Bazaar Plugin CSRF Vulnerability: Deleting SCM Tags Without Permissions
The Jenkins Bazaar Plugin (versions 1.22 and earlier) has been identified with having a cross-site request forgery (CSRF) vulnerability, allowing attackers to maliciously delete
CVE-2023-30474: Cross-Site Request Forgery (CSRF) Vulnerability in Kilian Evang Ultimate Noindex Nofollow Tool II Plugin <= 1.3 Versions
A newly discovered vulnerability in the Kilian Evang Ultimate Noindex Nofollow Tool II Plugin (versions <= 1.3) has been assigned the identifier CVE-2023-30474. This
Episode
00:00:00
00:00:00