5 matches found
CVE-2024-3472
The Modal Window WordPress plugin before 5.3.10 does not have CSRF check in place when bulk deleting modals, which could allow attackers to make a logged in admin delete them via a CSRF attack...
CVE-2024-3472
CVE-2024-3472 affects the WordPress Modal Window plugin prior to version 5.3.10. It lacks CSRF protection for bulk deletion of modals, enabling CSRF-based admin actions. Red Hat and Patchstack entries corroborate the issue and list the fix as updating to 5.3.10. Remediation: upgrade to 5.3.10 or ...
CVE-2024-3472 Modal Window < 5.3.10 - Modal Deletion via CSRF
The Modal Window WordPress plugin before 5.3.10 does not have CSRF check in place when bulk deleting modals, which could allow attackers to make a logged in admin delete them via a CSRF attack...
CVE-2024-3472 Modal Window < 5.3.10 - Modal Deletion via CSRF
The Modal Window WordPress plugin before 5.3.10 does not have CSRF check in place when bulk deleting modals, which could allow attackers to make a logged in admin delete them via a CSRF attack...
WordPress Modal Window Plugin < 5.3.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software Modal Window Type Plugin Vulnerable versions 5.3.10 Fixed in 5.3.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3472 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9d7096a40943 Credits Bob Matyas Required...