4 matches found
CVE-2024-3971
The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...
CVE-2024-3971
The CVE CVE-2024-3971 concerns the Similarity WordPress plugin (
CVE-2024-3971 Similarity <= 3.0 - Plugin Reset via CSRF
The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...
WordPress Similarity Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Similarity Type Plugin Vulnerable versions = 3.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3971 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9a13b3ce24a3 Credits Bob Matyas Required privilege...