Attendance Manager <= 0.5.6 - CSRF & XSS

Affects Plugin

fixed in version 0.5.7

References

CVE 2019-5970
CVE 2019-5971
URL https://jvn.jp/en/jp/JVN95685939/index.html
URL https://plugins.trac.wordpress.org/changeset/2093162/attendance-manager
URL http://attmgr.com/fixed-vulnerability-issue/

Classification

Type MULTI

Miscellaneous

Submitter Ryan Dewhurst
Submitter Website https://wpscan.io
Submitter Twitter ethicalhack3r
Views 1375
Verified No
WPVDB ID 9434

Timeline

Publicly Published 2019-06-10 (about 1 month ago)
Added 2019-07-09 (14 days ago)
Last Updated 2019-07-09 (14 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin