cleantalk
Vulnerabilities and Security Researches

WP Simple Spreadsheet Fetcher for Google, f8fce47113e556ee0530bb8582de7956f1271b31

CVE, Research URL

f8fce47113e556ee0530bb8582de7956f1271b31

Home page URL

Security reports for WP Simple Spreadsheet Fetcher for Google

Application

WP Simple Spreadsheet Fetcher for Google

Published on
Jan 05, 2020
Research Description
WP Simple Spreadsheet Fetcher for Google [wp-simple-spreadsheet-fetcher-for-google] < 0.3.7 WP Simple Spreadsheet Fetcher for Google < 0.3.7 - Cross-Site Request Forgery The WP Simple Spreadsheet Fetcher for Google plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions before 0.3.7. This is due to missing or incorrect nonce validation on the render_settings function. This makes it possible for unauthenticated attackers to arbitrarily change plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions
max 0.3.7.
Status
vulnerable
Previous vulnerability researches
WP Simple Spreadsheet Fetcher for Google (9cd08c7b544670c599894ecad519a2cfa20e001b) , Jun 06, 2024
WP Simple Spreadsheet Fetcher for Google (f224ff37-4126-49bc-b432-0d1e177abec8) , Jun 16, 2026
WP Simple Spreadsheet Fetcher for Google (f8fce47113e556ee0530bb8582de7956f1271b31) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026