Lucene search

K
cve[email protected]CVE-2024-4535
HistoryMay 27, 2024 - 6:15 a.m.

CVE-2024-4535

2024-05-2706:15:10
web.nvd.nist.gov
41
kkprogressbar2
wordpress
csrf
vulnerability
nvd

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

Affected configurations

Vulners
Node
free_php_scriptsfree_image_hostingRange1.1.4.2

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "KKProgressbar2 Free ",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.1.4.2"
      }
    ],
    "defaultStatus": "affected"
  }
]

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%