Lucene search
K

5 matches found

Patchstack
Patchstack
added 2025/05/19 3:52 a.m.11 views

WordPress GS Logo Slider plugin < 3.7.1 - Settings Update via Cross-Site Request Forgery vulnerability

Settings Update via Cross-Site Request Forgery vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin GS Logo Slider versions 3.7.1...

4.3CVSS6.8AI score0.00161EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/17 9:3 p.m.10 views

CVE-2024-9233

The Logo Slider WordPress plugin before 3.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS6.8AI score0.00161EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:16 p.m.10 views

CVE-2024-9233

The Logo Slider WordPress plugin before 3.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

4.3CVSS0.00161EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.9 views

CVE-2024-9233 GS Logo Slider < 3.7.1 - Settings Update via Cross-Site Request Forgery

The Logo Slider WordPress plugin before 3.7.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

7AI score0.00161EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.36 views

CVE-2024-9233

CVE-2024-9233 concerns the Logo Slider WordPress plugin, versions prior to 3.7.1. The public description and Red Hat/NVD entries confirm a lack of CSRF protection when updating plugin settings, potentially allowing a logged-in admin to be coerced into changing settings via CSRF. The vulnerability...

4.3CVSS6.8AI score0.00161EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder