NotCVE - vendor:"Cyberwire"

1 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-32502 – WordPress Pro Mime Types Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

https://notcve.org/view.php?id=CVE-2023-32502

09 May 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Sybre Waaijer Pro Mime Types – Manage file media types plugin <= 1.0.7 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Sybre Waaijer Pro Mime Types – Manage file media types en versiones <= 1.0.7. The Pro Mime Types plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.7. This is due to missing nonce validation on the pmt_settings_section_callback_tab_1() function used to co... • https://patchstack.com/database/vulnerability/pro-mime-types/wordpress-pro-mime-types-plugin-1-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •