3 matches found
CVE-2024-3477 Popup Box < 2.2.7 - Popup Deletion via CSRF
The Popup Box WordPress plugin before 2.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting popups via CSRF attacks...
CVE-2024-3477 Popup Box < 2.2.7 - Popup Deletion via CSRF
The Popup Box WordPress plugin before 2.2.7 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting popups via CSRF attacks...
WordPress Popup Box Plugin < 2.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Popup Box Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3477 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d1f8f6b4cec4 Credits Bob Matyas Required privileg...