2 matches found
CVE-2024-2262
Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the related filter slugs...
WordPress Themify – WooCommerce Product Filter Plugin < 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Themify – WooCommerce Product Filter Type Plugin Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2262 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9af412c77d7f Credits...