CVE-2026-1393 in Add Google Social Profiles to Knowledge Graph Box Pluginالمعلومات

الملخص

بحسب MITRE • 21/03/2026

The Add Google Social Profiles to Knowledge Graph Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin's Knowledge Graph settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Wordfence

حجز

23/01/2026

إفشاء

21/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-352162

CPE

جاهز

CWE

CWE-352 (مؤكد)

CVSS

4.3 (CNA)

EPSS

0.00016

KEV

لا

النشاطات

منخفض جدًا

القطاع

Industry, Education, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-1393
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-1393
CVE Details	https://www.cvedetails.com/cve/CVE-2026-1393/

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!