3 matches found
CVE-2024-1777
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers t...
CVE-2024-1777
CVE-2024-1777 concerns the WordPress plugin “Admin side data storage for Contact Form 7.” The vulnerability is a Cross-Site Request Forgery (CSRF) caused by missing or incorrect nonce validation on the plugin’s settings update function, enabling unauthenticated attackers to alter plugin settings ...
CVE-2024-1777 Admin side data storage for Contact Form 7 <= 1.1.1 - Cross-Site Request Forgery
The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers t...