exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2024-1592

почти 2 года назад

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS3: 4.3

EPSS: Низкий

GHSA-4g8c-p257-92cq

почти 2 года назад

The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS3: 4.3

EPSS: Низкий

BDU:2024-01965

почти 2 года назад

Уязвимость функции process_delete компонента class-DNSMPD.php плагина GDPR/CCPA Cookie Consent системы управления содержимым сайта WordPress, позволяющая нарушителю осуществить CSRF-атаку

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-1592 The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	CVSS3: 4.3	0% Низкий	почти 2 года назад
GHSA-4g8c-p257-92cq The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.6. This is due to missing or incorrect nonce validation on the process_delete function in class-DNSMPD.php. This makes it possible for unauthenticated attackers to delete GDPR data requests via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.	CVSS3: 4.3	0% Низкий	почти 2 года назад
BDU:2024-01965 Уязвимость функции process_delete компонента class-DNSMPD.php плагина GDPR/CCPA Cookie Consent системы управления содержимым сайта WordPress, позволяющая нарушителю осуществить CSRF-атаку	CVSS3: 4.3	0% Низкий	почти 2 года назад

Уязвимостей на страницу