2 matches found
CVE-2024-13146
creationtimestamp| type| source ---|---|--- 2025-03-26 06:25:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8807 2025-03-26 06:57:37+00:00| seen| https://bsky.app/profile/potato.software/post/3llb7h5osla2b 2025-03-26 09:42:19+00:00| seen| https://t.me/cvedetector/21152...
CVE-2024-13146 Booknetic < 4.1.5 - Staff Creation via CSRF
The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack...