CVE-2024-13753
CVE-2024-13753 — The Ultimate Classified Listings WordPress plugin is vulnerable to Cross-Site Request Forgery in all versions up to 1.4 due to missing or incorrect nonce validation on the update_profile function. This could allow unauthenticated attackers to modify a victim’s email via a forged ...