2 matches found
WordPress reCAPTCHA Jetpack Plugin <= 0.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software reCAPTCHA Jetpack Type Plugin Vulnerable versions = 0.2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3940 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cb69d1ca95bb Credits Bob Matyas Required...
CVE-2024-3940 reCAPTCHA Jetpack <= 0.2.2 - Settings Update via CSRF
The reCAPTCHA Jetpack WordPress plugin through 0.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...