2 matches found
CVE-2024-4480 WP Prayer II <= 2.4.7 - Email Settings Update via CSRF
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
WordPress WP Prayer II Plugin <= 2.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Prayer II Type Plugin Vulnerable versions = 2.4.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-4480 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4976d5ae1cf6 Credits Bob Matyas Required...