WordPress DN Popup plugin <= 1.2.2 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin DN Popup versions = 1.2.2...

CVE-2024-7690

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-7690

CVE-2024-7690 concerns the WordPress plugin DN Popup prior to or including version 1.2.2, which lacks a CSRF check when updating its settings. This could allow a logged-in administrator to have settings changed via a CSRF attack. The Red Hat and CVE listings describe the same issue, clearly linki...

CVE-2024-7690 DN Popup <= 1.2.2 - Settings Update via CSRF

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-7690 DN Popup <= 1.2.2 - Settings Update via CSRF

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

WordPress plugin DN Popup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-38512 · WordPress · Dn Popup

Name of the Vulnerable Software and Affected Versions: DN Popup WordPress plugin versions 1.2.2 and earlier Description: The issue is related to the lack of a CSRF check when updating the plugin's settings. This could allow attackers to make a logged-in admin change the settings via a CSRF attack...