2 matches found
CVE-2026-9734 W3SC Elementor to Zoho CRM <= 2.2.0 - Cross-Site Request Forgery to Settings Update
The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the storeInfo function. This makes it possible for unauthenticated attackers to modify the plugin's...
CVE-2026-9734
The CVE-2026-9734 entry concerns the W3SC Elementor to Zoho CRM plugin for WordPress. A CSRF vulnerability exists in all versions up to 2.2.0 due to missing or incorrect nonce validation in the storeInfo function, enabling unauthenticated attackers to alter Zoho CRM integration settings by forgin...