3 matches found
CVE-2024-3476
The Side Menu Lite WordPress plugin before 4.2.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...
CVE-2024-3476 Side Menu Lite < 4.2.1 - Menu Deletion via CSRF
The Side Menu Lite WordPress plugin before 4.2.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting buttons via CSRF attacks...
WordPress Side Menu Lite Plugin < 4.2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Side Menu Lite Type Plugin Vulnerable versions 4.2.1 Fixed in 4.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3476 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 570b701cebb0 Credits Bob Matyas Required...