Lucene search
China National Vulnerability DatabaseCNVD-2021-101721HistoryDec 18, 2021 - 12:00 a.m.
WordPress WP Limits plugin cross-site request forgery vulnerability
2021-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
wp limits
cross-site request forgery
php
mysql
settings vulnerability
administrator login
EPSS
0.001
Percentile
27.8%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WP Limits plugin is a WordPress open source application plugin. WordPress WP Limits plugin in version 1.0 and earlier is vulnerable to cross-site request forgery, which stems from a failure to perform CSRF checks when saving its settings. An attacker could exploit this vulnerability to allow the login administrator to change these settings, which could make the blog unstable by setting low values.
Related
wpvulndb
wpvulndb
WP Limits <= 1.0 - Plugin's Settings Update via CSRF
2021-11-15 00:00:00
wpexploit
wpexploit
WP Limits <= 1.0 - Plugin's Settings Update via CSRF
2021-11-15 00:00:00
nvd
nvd
CVE-2021-24818
2021-12-13 11:15:08
prion
prion
Cross site request forgery (csrf)
2021-12-13 11:15:00
cvelist
cvelist
CVE-2021-24818 WP Limits <= 1.0 - Plugin's Settings Update via CSRF
2021-12-13 10:41:00
patchstack
patchstack
cve
cve
CVE-2021-24818
2021-12-13 11:15:08