CVEs (1)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Eventespresso 1Event Espresso 4 Decaf Jun 17, 2026 Jul 1, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Event Espresso 4 Decaf plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.10.11. This is due to missing or incorrect nonce validation on the ajaxHandler() function. T...Show more |