CVE-2024-8044

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8044

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8044

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8044 infolinks Ad Wrap <= 1.0.2 - Settings Update via CSRF

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8044 infolinks Ad Wrap <= 1.0.2 - Settings Update via CSRF

The infolinks Ad Wrap WordPress plugin through 1.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2024-8044

CVE-2024-8044 affects the WordPress plugin infolinks Ad Wrap (versions up to 1.0.2). The issue is a missing CSRF check when updating plugin settings, allowing a logged-in administrator to have settings changed via CSRF. Public docs identify versions 1.0.0–1.0.2 as vulnerable and provide no public...

WordPress plugin infolinks Ad Wrap 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2024-38770 · Infolinks · Infolinks Ad Wrap Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: infolinks Ad Wrap WordPress plugin versions 1.0.0 through 1.0.2 Description: The issue is related to the lack of CSRF protection when updating settings in the infolinks Ad Wrap WordPress plugin. This could allow attackers to make a logged-in...

WordPress infolinks Ad Wrap plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Daniel Ruf in WordPress Plugin infolinks Ad Wrap versions = 1.0.2...

WordPress infolinks Ad Wrap Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software infolinks Ad Wrap Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8044 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 904aefb1e00b Credits Daniel Ruf Required...