Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin 1.0.8 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker (via spear phishing/social engineering), the attacker can change the plugin settings via wp-admin/admin-post.php CSRF. There's no nonce or capability check in the whatsapp_share_setting_add_update() function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber插件跨站请求伪造漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin是使用在其中的一个用于在页面中添加社交分享按钮的插件。 WordPress MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber插件1.0.8版本中存在跨
CVSS Information
N/A
Vulnerability Type
N/A