4 matches found
CVE-2024-13826
The Email Keep WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-13826 Email Keep <= 1.1 - Email Deletion via CSRF
The Email Keep WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-13826 Email Keep <= 1.1 - Email Deletion via CSRF
The Email Keep WordPress plugin through 1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2024-13826
The CVE-2024-13826 entry affects the Email Keep WordPress plugin up to version 1.1. Root cause: absence of CSRF protection when updating plugin settings. Impact: an attacker could exploit this CSRF vulnerability to cause a logged-in admin to change settings. The description is corroborated by mul...