CVE-2024-12414
CVE-2024-12414 affects Themify Store Locator for WordPress (versions up to 1.1.9). Root cause: missing/incorrect nonce validation in setting_page(), enabling Cross‑Site Request Forgery. Attack: unauthenticated attacker can induce an admin to perform forged requests to modify plugin settings. Impa...