cleantalk
Vulnerabilities and Security Researches

WP Simple Spreadsheet Fetcher for Google, f224ff37-4126-49bc-b432-0d1e177abec8

CVE, Research URL

f224ff37-4126-49bc-b432-0d1e177abec8

Home page URL

Security reports for WP Simple Spreadsheet Fetcher for Google

Application

WP Simple Spreadsheet Fetcher for Google

Published on
-
Research Description
WP Simple Spreadsheet Fetcher for Google [wp-simple-spreadsheet-fetcher-for-google] < 0.3.7 WP Simple Spreadsheet Fetcher For Google &lt; 0.3.7 - Arbitrary API Key update via CSRF The lack of Cross-Site Request Forgery (CSRF) checks on the plugin&#039;s settings page could allow CSRF attacks to set an arbitrary API key.
Affected versions
max 0.3.7.
Status
vulnerable
Previous vulnerability researches
WPvivid Backup for MainWP (ec00cf2f6a6757dc3371250c1689bf0e482f89f9) , Jun 16, 2026
WPvivid Backup for MainWP (2c3fbbc425bd92d0f969e669e6a4b8564997aa02) , Jun 16, 2026
WPvivid Backup for MainWP (CVE-2024-35664) , Jun 06, 2024
WPvivid Backup for MainWP (CVE-2024-1383) , Jun 06, 2024
New vulnerability
WP SMS Plugin Notification for WordPress (72e44d3605478ba886b58e5dc13d074197875ee3) , Jun 16, 2026
WP SMS Plugin Notification for WordPress (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Async JavaScript (a535d19a588d298275a50a334cb3297b070e2d46) , Jun 16, 2026
Async JavaScript (278f7c36-05f8-4b6f-9a13-11175e3f3971) , Jun 16, 2026
Async JavaScript (dc720f7e4f71488f6f9e4d0e22eb0a048932a77b) , Jun 16, 2026