CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50858 – WordPress Anti Hacker Plugin <= 4.34 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-50858
22 Dec 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan.This issue affects Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan: from n/a through 4.34. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Bill Minozzi Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan. Este problema afecta a Disable Json API, Login Lockdown, XMLRPC... • https://patchstack.com/database/vulnerability/antihacker/wordpress-anti-hacker-plugin-4-34-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43453 – WordPress WP Tools plugin <= 3.41 - Auth. Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2022-43453
30 Nov 2022 — Missing Authorization vulnerability in Bill Minozzi WP Tools.This issue affects WP Tools: from n/a through 3.41. Vulnerabilidad de autorización faltante en Bill Minozzi WP Tools. Este problema afecta a WP Tools: desde n/a hasta 3.41. The WP Tools plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 3.41. This is due to missing capability check resulting in authorization bypass. • https://patchstack.com/database/vulnerability/wptools/wordpress-wp-tools-plugin-2-51-3-41-auth-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •