Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:46 a.m.7 views

CVE-2024-3824

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

5.5CVSS6.7AI score0.00202EPSS
Exploits2References1
OSV
OSV
added 2024/05/15 6:15 a.m.3 views

CVE-2024-3824

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

5.5CVSS5.8AI score0.00202EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/05/15 6:0 a.m.24 views

CVE-2024-3824 Base64 Encoder/Decoder <= 0.9.2 - Settings Reset via CSRF

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

6.6AI score0.00202EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/05/15 6:0 a.m.20 views

CVE-2024-3824 Base64 Encoder/Decoder <= 0.9.2 - Settings Reset via CSRF

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

6.7AI score0.00202EPSS
Exploits2References1
CVE
CVE
added 2024/05/15 6:0 a.m.61 views

CVE-2024-3824

CVE-2024-3824 affects the WordPress plugin “Base64 Encoder/Decoder” up to version 0.9.2. The vulnerability arises from a missing CSRF check when resetting plugin settings, potentially allowing a logged-in attacker to trigger a CSRF reset on an admin. Public details consistently describe the issue...

5.5CVSS6.6AI score0.00202EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/05/15 12:0 a.m.8 views

WordPress Base64 Encoder/Decoder Plugin <= 0.9.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Base64 Encoder/Decoder Type Plugin Vulnerable versions = 0.9.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3824 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 51b5eb3fcb26 Credits Bob Matyas...

6.6AI score0.00202EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder