3 matches found
CVE-2024-2858
CVE-2024-2858 : The WordPress plugin Simple Buttons Creator (versions
CVE-2024-2858 Simple Buttons Creator <= 1.04 - Aribtrary Button Deletion via CSRF
The Simple Buttons Creator WordPress plugin through 1.04 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
WordPress Simple Buttons Creator Plugin <= 1.04 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simple Buttons Creator Type Plugin Vulnerable versions = 1.04 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2858 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID bfe6a65231af Credits Bob Matyas...