Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

2 Total Results

Displaying 1-2 of 2

Attacker Value

Unknown

CVE-2024-3941

Disclosure Date: May 14, 2024 (last updated May 15, 2024)

The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged-in admin add Stored XSS payloads via a CSRF attack.

Attacker Value

Unknown

CVE-2024-3940

Disclosure Date: May 14, 2024 (last updated May 15, 2024)

The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

2 Total Results

Displaying 1-2 of 2

Unknown

CVE-2024-3941

Unknown

CVE-2024-3940

Quick Cookie Notification