Source evidence

Vulnerability in 5.0.6 version

WP Attachments · support · 2023-11-27T12:16:00+00:00

WP Attachments plugin evidence original source source API

complaintsentiment

highseverity

0.9relevance

2replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

6 / 26 rows with source links

23.1% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

20 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

equanimityes unresolved

We are receiving this alert from Solid Security plugin: Cross Site Request Forgery (CSRF) vulnerability discovered by Abdi Pranata (Patchstack Alliance) in WordPress Plugin WP Attachments (versions <= 5.0.6) This topic was modified 2 years, 6 months ago by equanimityes . Hi, the same. WordPress WP Attachments plugin <= 5.0.6 – Cross Site Request Forgery (CSRF) vulnerability -Tipo de vulnerabilidad: Cross Site Request Forgery (CSRF) -No hay actualización disponible Any update aviable? As above, we are being notified of CSRF vulnerability in <= v5.06 https://patchstack.com/database/vulnerability/wp-attachments

Commercial Context

Opportunity

content publishing operations

Media publishing workflow assurance for keeping publishing, media, and editorial handoffs consistent

Buyer: publishers, content teams, and agencies

Wedge: check media publishing, media, metadata, and editorial handoffs before content goes live

Proof Blocked card complete market

Analysis

heuristic-v1

Summary: Vulnerability in 5.0.6 version: users show security, performance pain that may indicate a product gap.

Evidence quote: Vulnerability in 5.0.6 version We are receiving this alert from Solid Security plugin: Cross Site Request Forgery (CSRF) vulnerability discovered by Abdi Pranata (Patchstack Alliance) in WordPress Plugin WP Attachments (versions <= 5.0.6) This topic was modified 2 years, 6 months ago by equanimityes .

Affected feature: security

security performance reliable

Plugin

API

WP Attachments

3.0K active installs · 107.0K downloads · rating 90.0

attachments classicpress file list media

Comments

2 shown

Freepress Coop 2024-02-19T14:19:00+00:00

Hi, the same. WordPress WP Attachments plugin <= 5.0.6 – Cross Site Request Forgery (CSRF) vulnerability -Tipo de vulnerabilidad: Cross Site Request Forgery (CSRF) -No hay actualización disponible Any update aviable?

fellowshipagency 2024-03-07T09:42:00+00:00

As above, we are being notified of CSRF vulnerability in <= v5.06 https://patchstack.com/database/vulnerability/wp-attachments