2 matches found
CVE-2024-10892
The Cost Calculator Builder WordPress plugin before 3.2.43 does not have CSRF checks in some AJAX actions, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-10892
The CVE-2024-10892 entry is for the Cost Calculator Builder WordPress plugin prior to version 3.2.43, which lacks CSRF checks on certain AJAX actions, enabling CSRF via logged‑in users to trigger unwanted actions. Red Hat and CVE databases corroborate the issue and identify the affected plugin as...