Amplus – CSRF | Theme Vulnerabilities

Affects Themes

amplus

No known fix

References

Exploitdb

29669

URL

https://packetstormsecurity.com/files/#124041/

URL

https://en.0day.today/exploits/21535

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

Miscellaneous

Verified

No

WPVDB ID

fa65d6b8-d2a4-4874-9689-fe061d4bedaf

Timeline

Publicly Published

2014-08-01 (about 11 years ago)

Added

2014-08-01 (about 11 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2025-04-04

Title

Official CleverReach Plugin for WooCommerce < 3.4.7 - Settings Update via CSRF

Published

2022-05-17

Title

Code Snippets Extended <= 1.4.7 - Stored Cross-Site Scripting via CSRF

Published

2024-12-11

Title

GitSync <= 1.1.0 - Cross-Site Request Forgery to Remote Code Execution

Published

2021-02-08

Title

NextGen Gallery < 3.5.0 - CSRF allows File Upload

Published

2023-10-16

Title

Feed Statistics <= 4.1 - Arbitrary Settings Update via CSRF