wpvulndb WPVDB-ID:C7846BA1-4E0B-49DF-82EF-2662C4619796
History: May 27, 2023 - 12:00 a.m.

WP EasyCart < 5.4.9 - Multiple CSRFs

2023-05-27 00:00:00
wpscan.com
8
wordpress
easycart
csrf
nonce validation
ajax
product manipulation

EPSS

0.001

Percentile

46.2%

The plugin does not apply proper nonce validation routines in multiple AJAX requests, which makes it possible for attackers to trick an unsuspecting administrator into activating and deactivating products.
