WordPress DN Popup plugin <= 1.2.2 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin DN Popup versions = 1.2.2...

CVE-2024-7690

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-7690 DN Popup <= 1.2.2 - Settings Update via CSRF

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-7690 DN Popup <= 1.2.2 - Settings Update via CSRF

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-7690

CVE-2024-7690 concerns the WordPress plugin DN Popup prior to or including version 1.2.2, which lacks a CSRF check when updating its settings. This could allow a logged-in administrator to have settings changed via a CSRF attack. The Red Hat and CVE listings describe the same issue, clearly linki...

WordPress plugin DN Popup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-38512 · WordPress · Dn Popup

Name of the Vulnerable Software and Affected Versions: DN Popup WordPress plugin versions 1.2.2 and earlier Description: The issue is related to the lack of a CSRF check when updating the plugin's settings. This could allow attackers to make a logged-in admin change the settings via a CSRF attack...