CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.

**Solution**

Update the WordPress Contact Us page - Contact people LITE plugin to the latest available version (at least 3.7.1).

Rio Darmawan discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress Contact Us page - Contact people LITE Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. For example a password change which will then allow the malicious actor to login into the admin account. This vulnerability has been fixed in version 3.7.1.

**No other known vulnerabilities for this plugin**Report

**Report to Patchstack Alliance bounty platform and earn monthly cash prizes.**

Learn more

CVE-2023-23973: WordPress Contact Us Page – Contact People plugin <= 3.7.0 - Cross Site Request Forgery (CSRF) Leading To Contact Creation Vulnerability - Patchstack

Headline

CVE-2023-23973: WordPress Contact Us Page – Contact People plugin <= 3.7.0 - Cross Site Request Forgery (CSRF) Leading To Contact Creation Vulnerability - Patchstack

CVE: Latest News