WordPress Hestia theme <= 3.2.10 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Theme Hestia versions = 3.2.10...

CVE-2024-37467

CVE-2024-37467 is a CSRF vulnerability in ThemeIsle Hestia WordPress theme affecting Hestia up to version 3.1.2 (vendor/product: ThemeIsle Hestia). Public docs confirm remediation: update to 3.1.3 or later. CVSS v3.1 base score 4.3 (Medium); exploitation status not specified in provided materials...

CVE-2024-37467 WordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in themeisle Hestia hestia allows Cross Site Request Forgery.This issue affects Hestia: from n/a through = 3.1.2...

WordPress Hestia Theme <= 3.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Hestia Type Theme Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37467 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 143c51756c08 Credits Dhabaleshwar Das Required...