2 matches found
CVE-2024-6023 ContentLock <= 1.0.3 - Email Adding via CSRF
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding emails, which could allow attackers to make a logged in admin perform such action via a CSRF attack...
WordPress ContentLock Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software ContentLock Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6023 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 38c834154e63 Credits Norbert Hofmann Required...