3 matches found
CVE-2024-12709 Bulk Me Now <= 2.0 - Message Deletion via CSRF
The Bulk Me Now! WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-12709
CVE-2024-12709 concerns the WordPress plugin Bulk Me Now! (versions ≤ 2.0). The issue is a lack of CSRF protections in certain paths, enabling attackers to trigger actions as logged-in users via CSRF. Several connected sources corroborate CSRF-related risk and, in Patch Stack, describe a CSRF-cau...
CVE-2024-12709 Bulk Me Now <= 2.0 - Message Deletion via CSRF
The Bulk Me Now! WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...