9 matches found

Patchstack
added 2024/07/15 2:25 a.m. · 3 views

WordPress Smart Image Gallery plugin < 1.0.19 - Update/Delete Google API Key via CSRF vulnerability

Update/Delete Google API Key via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Smart Image Gallery versions 1.0.19...

CVSS 6.8 · AI score 7 · EPSS 0.00163
Exploits: 1 · References: 1 · Affected Software: 1

Patchstack
added 2024/07/15 12:0 a.m. · 10 views

WordPress Smart Image Gallery Plugin < 1.0.19 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Smart Image Gallery; Type: Plugin; Vulnerable versions: 1.0.19; Fixed in: 1.0.19; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-3632; Patch priority: Low; CVSS severity: Low 5.4; PSID: 13b040259b7b; Credits: Bob Matyas...

CVSS 6.8 · AI score 6.7 · EPSS 0.00163
Exploits: 1 · References: 4 · Affected Software: 1

NVD
added 2024/07/13 6:15 a.m. · 13 views

CVE-2024-3632

The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVSS 6.8 · EPSS 0.00163
Exploits: 1 · References: 1

OSV
added 2024/07/13 6:15 a.m. · 2 views

CVE-2024-3632

The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVSS 6.8 · AI score 5.8 · EPSS 0.00163
Exploits: 1 · References: 1

CVE
added 2024/07/13 6:0 a.m. · 46 views

CVE-2024-3632

CVE-2024-3632 affects the WordPress plugin Smart Image Gallery prior to version 1.0.19. The vulnerability arises from a missing CSRF check when updating plugin settings, enabling a logged-in attacker to modify settings via a CSRF attack. Patch information from Patchstack indicates the fix is in 1...

CVSS 6.8 · AI score 6.5 · EPSS 0.00163
Exploits: 1 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/07/13 6:0 a.m. · 14 views

CVE-2024-3632 Smart Image Gallery < 1.0.19 - Update/Delete Google API Key via CSRF

The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

AI score 6.8 · EPSS 0.00163
Exploits: 1 · References: 1

Cvelist
added 2024/07/13 6:0 a.m. · 21 views

CVE-2024-3632 Smart Image Gallery < 1.0.19 - Update/Delete Google API Key via CSRF

The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

EPSS 0.00163
Exploits: 1 · References: 1

Positive Technologies
added 2024/07/13 12:0 a.m. · 3 views

PT-2024-26956 · WordPress · Smart Image Gallery

Name of the Vulnerable Software and Affected Versions: Smart Image Gallery WordPress plugin versions prior to 1.0.19 Description: The issue concerns a lack of CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Recommendations: F...

CVSS 6.8 · AI score 6.5 · EPSS 0.00163
Exploits: 1 · References: 5

CNNVD
added 2024/07/13 12:0 a.m. · 2 views

WordPress plugin Smart Image Gallery security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

CVSS 6.8 · AI score 6.7 · EPSS 0.00163
Exploits: 1 · References: 2