3 matches found
CVE-2021-24802
The Colorful Categories WordPress plugin before 2.0.15 does not enforce nonce checks which could allow attackers to make a logged in admin or editor change taxonomy colors via a CSRF attack...
CVE-2021-24802
The CVE-2021-24802 entry concerns the WordPress Colorful Categories plugin (versions before 2.0.15). The underlying issue is missing nonce checks, enabling CSRF attacks that could cause a logged-in administrator or editor to arbitrarily update category colors. Affected component: WordPress Colorf...
CVE-2021-24802 Colorful Categories < 2.0.15 - Arbitrary Colors Update via CSRF
The Colorful Categories WordPress plugin before 2.0.15 does not enforce nonce checks which could allow attackers to make a logged in admin or editor change taxonomy colors via a CSRF attack...