Lucene search
WPScanCVELIST:CVE-2024-3642HistoryMay 16, 2024 - 6:00 a.m.
CVE-2024-3642 Newsletter Popup <= 1.2 - Subscriber Deletion via CSRF
2024-05-1606:00:02
WPScan
www.cve.org
cve-2024-3642
newsletter popup
csrf
wordpress
subscriber deletion
The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting subscriber, which could allow attackers to make logged in admins perform such action via a CSRF attack
CNA Affected
[
{
"vendor": "Unknown",
"product": "Newsletter Popup",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "1.2"
}
],
"defaultStatus": "affected"
}
]Related
nvd
nvd
CVE-2024-3642
2024-05-16 06:15:09
vulnrichment
vulnrichment
CVE-2024-3642 Newsletter Popup <= 1.2 - Subscriber Deletion via CSRF
2024-05-16 06:00:02
wpexploit
wpexploit
Newsletter Popup <= 1.2 - Subscriber Deletion via CSRF
2024-04-25 00:00:00
wpvulndb
wpvulndb
Newsletter Popup <= 1.2 - Subscriber Deletion via CSRF
2024-04-25 00:00:00
cve
cve
CVE-2024-3642
2024-05-16 06:15:09