Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24641
HistoryNov 23, 2021 - 7:16 p.m.

CVE-2021-24641 Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)

2021-11-2319:16:01
CWE-352
WPScan
www.cve.org

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion

CNA Affected

[
  {
    "product": "Images to WebP",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.9",
        "status": "affected",
        "version": "1.9",
        "versionType": "custom"
      }
    ]
  }
]

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

Related for CVELIST:CVE-2021-24641