2 matches found
CVE-2024-8477 Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) <= 3.1.87 - Cross-Site Request Forgery
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo formely Sendinblue plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.87. This is due to missing or incorrect nonce validation on the Init function. This makes it possible fo...
WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Plugin <= 3.1.87 is vulnerable to Cross Site Request Forgery (CSRF)
Software Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Type Plugin Vulnerable versions = 3.1.87 Fixed in 3.1.88 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8477 Patch priority Low CVSS severity Low 4.3 Developer Claim...