3 matches found
CVE-2024-32112
Cross-Site Request Forgery CSRF vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0...
CVE-2024-32112
CVE-2024-32112 is a CSRF vulnerability in the Leadinfo WordPress plugin affecting Leadinfo versions up to 1.0. The weakness enables Cross‑Site Request Forgery, with CVSS v3.1 metrics indicating Attack Vector: Network, Attack Complexity: Low, Privileges Required: None, User Interaction: Required, ...
WordPress Leadinfo Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Leadinfo Type Plugin Vulnerable versions = 1.0 Fixed in 1.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32112 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9d1715057445 Credits Nguyen Xuan Chien Required...