CVE-2024-3643

2024-05-1606:15:10

[email protected]

web.nvd.nist.gov

wordpress

plugin

csrf

vulnerability

cve-2024-3643

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting list, which could allow attackers to make logged in admins perform such action via a CSRF attack

References

wpscan.com/vulnerability/698277e6-56f9-4688-9a84-c2fa3ea9f7dc/