3 matches found
CVE-2024-2326
The Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.3. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possibl...
WordPress Shortlinks by Pretty Links Plugin <= 3.6.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Shortlinks by Pretty Links Type Plugin Vulnerable versions = 3.6.3 Fixed in 3.6.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2326 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 02d57a965c0b Credits Webbernau...
CVE-2024-2326
CVE-2024-2326 refers to the WordPress plugin “Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing”. The Red Hat/NVD/ PatchStack entries confirm a CSRF vulnerability in all versions up to and including 3.6.3 caused by missing or incorrect nonce validation when saving plugin se...