2 matches found
WordPress Smart Image Gallery Plugin < 1.0.19 is vulnerable to Cross Site Request Forgery (CSRF)
Software Smart Image Gallery Type Plugin Vulnerable versions 1.0.19 Fixed in 1.0.19 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3632 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 13b040259b7b Credits Bob Matyas...
CVE-2024-3632 Smart Image Gallery < 1.0.19 - Update/Delete Google API Key via CSRF
The Smart Image Gallery WordPress plugin before 1.0.19 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...