Skip to main content

Letterpress

2 CVEs product

Monthly

CVE-2024-3590 MEDIUM POC This Month

The LetterPress WordPress plugin through 1.2.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Letterpress
NVD WPScan
CVSS 3.1
6.1
EPSS
0.2%
CVE-2023-27415 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Letterpress
NVD
CVSS 3.1
4.8
EPSS
0.4%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

The LetterPress WordPress plugin through 1.2.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks, such as delete. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Letterpress
NVD WPScan
EPSS 0% CVSS 4.8
MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Letterpress
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy