Lucene search

CVE-2024-5167

🗓️ 13 Jul 2024 06:04:15Reported by WPScanType

The CM Email Registration Blacklist and Whitelist WordPress plugin before 1.4.9 lacks CSRF protection for adding or deleting items, enabling attackers to manipulate settings

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2024-5167	13 Jul 202406:15	–	nvd
Cvelist	CVE-2024-5167 CM Email Registration Blacklist and Whitelist < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist	13 Jul 202406:00	–	cvelist
Patchstack	WordPress CM Email Registration Blacklist and Whitelist Plugin < 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF)	15 Jul 202400:00	–	patchstack
Vulnrichment	CVE-2024-5167 CM Email Registration Blacklist and Whitelist < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist	13 Jul 202406:00	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)	27 Jun 202415:00	–	wordfence

Vulners

Vulnrichment

Node

cm_email_registration_blacklist_and_whitelistRange<1.4.9wordpress

[
  {
    "vendor": "Unknown",
    "product": "CM Email Registration Blacklist and Whitelist",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "1.4.9"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/67bb5ab8-4493-4f5b-a989-41576675b61a/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Jul 2024 06:15Current

8High risk

Vulners AI Score8

CVSS38.1

EPSS0.00037

SSVC