Lucene search
+L

4 matches found

nvd
nvd
added 2024/12/13 9:15 a.m.14 views

CVE-2024-12414

The Themify Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the settingpage function. This makes it possible for unauthenticated attackers to modify the plugin's...

4.3CVSS0.00207EPSS
Exploits0References3
circl
circl
added 2024/12/13 8:51 a.m.9 views

CVE-2024-12414

creationtimestamp| type| source ---|---|--- 2024-12-13 08:51:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113644659439675438 2024-12-13 10:45:02+00:00| seen| https://t.me/cvedetector/12840...

4.3CVSS8.7AI score0.00207EPSS
Exploits0References2
cve
cve
added 2024/12/13 8:24 a.m.52 views

CVE-2024-12414

CVE-2024-12414 affects Themify Store Locator for WordPress (versions up to 1.1.9). Root cause: missing/incorrect nonce validation in setting_page(), enabling Cross‑Site Request Forgery. Attack: unauthenticated attacker can induce an admin to perform forged requests to modify plugin settings. Impa...

4.3CVSS4.3AI score0.00207EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/12/13 8:24 a.m.13 views

CVE-2024-12414 Themify Store Locator <= 1.1.9 - Cross-Site Request Forgery

The Themify Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the settingpage function. This makes it possible for unauthenticated attackers to modify the plugin's...

4.3CVSS6.4AI score0.00207EPSS
Exploits0References3
Rows per page
Query Builder