4 matches found
CVE-2024-37478
Cross-Site Request Forgery CSRF vulnerability in wproyal Ashe ashe allows Cross Site Request Forgery.This issue affects Ashe: from n/a through = 2.233...
CVE-2024-37478
creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2pysyhz2l 2025-01-02 17:38:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113759977707852435...
CVE-2024-37478
CVE-2024-37478 is a CSRF vulnerability in the WP Royal Ashe theme affecting Ashe versions n/a through 2.233. The issue concerns Cross-Site Request Forgery where an attacker could trigger unintended actions on behalf of a logged-in user. The provided connected documents (NVD, RH, CIRCL, CNNVD, etc...
WordPress Ashe Theme <= 2.233 is vulnerable to Cross Site Request Forgery (CSRF)
Software Ashe Type Theme Vulnerable versions = 2.233 Fixed in 2.234 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37478 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 01c115634ea3 Credits Dhabaleshwar Das Required...