CVE-2024-6405
CVE-2024-6405 affects the WordPress plugin Floating Social Buttons . The vulnerability is a Cross-Site Forgery (CSRF) in versions up to 1.5 due to missing/incorrect nonce validation in the function floating_social_buttons_option() . This enables unauthenticated attackers to update the plugin’s se...