Lucene search
K

4 matches found

Circl
Circl
added 2021/11/08 8:29 p.m.6 views

CVE-2021-24806

creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:20+00:00| seen| https://t.me/cibsecurity/31993...

4.3CVSS4.6AI score0.00467EPSS
Exploits2References1
OSV
OSV
added 2021/11/08 6:15 p.m.4 views

CVE-2021-24806

The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make...

4.3CVSS5.9AI score
Exploits0References1
CVE
CVE
added 2021/11/08 5:35 p.m.50 views

CVE-2021-24806

CVE-2021-24806 documents a CSRF vulnerability in the WordPress plugin wpDiscuz, affecting versions before 7.3.4. The flaw is a CSRF check failure for adding, editing, and deleting comments, enabling an attacker to cause logged-in users (including admins or the comment author) to edit/delete arbit...

4.3CVSS4.5AI score0.00467EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/11/08 5:35 p.m.16 views

CVE-2021-24806 wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF

The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF when adding, editing and deleting comments, which could allow attacker to make logged in users such as admin edit and delete arbitrary comment, or the user who made the comment to edit it via a CSRF attack. Attackers could also make...

5AI score0.00467EPSS
Exploits2References1
Rows per page
Query Builder