2 matches found
CVE-2024-0830
The CVE-2024-0830 issue affects the WordPress plugin Comments Extra Fields For Post,Pages and CPT. The vulnerability is a CSRF flaw caused by missing or incorrect nonce validation on several AJAX actions, enabling unauthenticated attackers to trigger those actions by deceiving an admin (e.g., cli...
WordPress WordPress Comments Fields Plugin <= 5.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software WordPress Comments Fields Type Plugin Vulnerable versions = 5.0 Fixed in 5.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0830 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9c14d6f7a75c Credits Francesco...