Lucene search

CVE-2024-0767

🗓️ 28 Feb 2024 08:13:33Reported by WordfenceType

Envo's Elementor Templates & Widgets for WooCommerce plugin CVE-2024-0767 security issu

Reporter	Title	Published	Views	Family All 7
Cvelist	CVE-2024-0767	28 Feb 202408:33	–	cvelist
CVE	CVE-2024-0767	28 Feb 202409:15	–	cve
NVD	CVE-2024-0767	28 Feb 202409:15	–	nvd
Prion	Cross site request forgery (csrf)	28 Feb 202409:15	–	prion
Patchstack	WordPress Envo's Elementor Templates & Widgets for WooCommerce Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)	28 Feb 202400:00	–	patchstack
WPVulnDB	Envo's Elementor Templates & Widgets for WooCommerce < 1.4.5 - Arbitrary Plugin Activation via CSRF	27 Feb 202400:00	–	wpvulndb
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (February 26, 2024 to March 3, 2024)	7 Mar 202416:12	–	wordfence

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/envo-elementor-for-woocommerce/trunk/includes/admin/include/template-library.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/cca71257-05dc-43d5-8de6-faf0a2feab2e

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Feb 2024 08:33Current

4.4Medium risk

Vulners AI Score4.4

CVSS34.3

SSVC