cleantalk
Vulnerabilities and Security Researches

Post to Google My Business (Google Business Profile), 0f112be73e81d5ba5a8b10db6fc00477b4009846

CVE, Research URL

0f112be73e81d5ba5a8b10db6fc00477b4009846

Home page URL

Security reports for Post to Google My Business (Google Business Profile)

Application

Post to Google My Business (Google Business Profile)

Published on
Jul 24, 2023
Research Description
Post to Google My Business (Google Business Profile) [post-to-google-my-business] < 3.1.15 Post to Google My Business <= 3.1.14 - Cross-Site Request Forgery to Dismiss Notification The Post to Google My Business plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.1.14. This is due to missing or incorrect nonce validation on the ajax_delete_notification() function. This makes it possible for unauthenticated attackers to dismiss notifications via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 3.1.15.
Status
vulnerable
Previous vulnerability researches
Post to Google My Business (Google Business Profile) (6e3a636eecb2e4ad54b0d025f27f8cda14411951) , Jun 16, 2026
Post to Google My Business (Google Business Profile) (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Post to Google My Business (Google Business Profile) (0f112be73e81d5ba5a8b10db6fc00477b4009846) , Jun 16, 2026
Post to Google My Business (Google Business Profile) (CVE-2023-33999) , Jun 14, 2026
Post to Google My Business (Google Business Profile) (CVE-2023-41689) , Jun 10, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026