Vulnerabilities and security researches forclock-in-portal

CVE, Research URL: CVE-2023-0761
Home page URL: Security reports for Clock In Portal- Staff & Attendance Management
Application: Clock In Portal- Staff & Attendance Management
Date: May 15, 2023
Research Description: The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-0762
Home page URL: Security reports for Clock In Portal- Staff & Attendance Management
Application: Clock In Portal- Staff & Attendance Management
Date: May 15, 2023
Research Description: The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2023-0763
Home page URL: Security reports for Clock In Portal- Staff & Attendance Management
Application: Clock In Portal- Staff & Attendance Management
Date: May 15, 2023
Research Description: The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches forclock-in-portal clock-in-portal