3 matches found
CVE-2024-5030
The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
CVE-2024-5030
creationtimestamp| type| source ---|---|--- 2024-11-18 06:02:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113502437564937679 2024-11-18 08:10:58+00:00| seen| https://t.me/cvedetector/11285...
WordPress CM Table Of Contents – WordPress TOC Plugin Plugin < 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software CM Table Of Contents – WordPress TOC Plugin Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-5030 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bf478e63ad63...