2 matches found
CVE-2024-4103
CVE-2024-4103 affects ADFO – Custom data in admin dashboard for WordPress. It is a CSRF vulnerability in all versions up to 1.9.0 caused by missing/incorrect nonce validation on functions hooked via the controller() function, enabling unauthenticated attackers to edit plugin settings if a site ad...
CVE-2024-4103 ADFO – Custom data in admin dashboard <= 1.9.0 - Cross-Site Request Forgery
The ADFO – Custom data in admin dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.0. This is due to missing or incorrect nonce validation on several functions hooked via the controller function. This makes it possible for...