Lucene search

K
cvelistWPScanCVELIST:CVE-2024-4535
HistoryMay 27, 2024 - 6:00 a.m.

CVE-2024-4535 KKProgressbar2 Free <= 1.1.4.2 - Progress Bar Deletion via CSRF

2024-05-2706:00:02
WPScan
www.cve.org
2
kkprogressbar2
wordpress
csrf
vulnerability

9.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "KKProgressbar2 Free ",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "1.1.4.2"
      }
    ],
    "defaultStatus": "affected"
  }
]

9.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%