Lucene search
WPScanVULNRICHMENT:CVE-2024-6855HistorySep 08, 2024 - 6:00 a.m.
CVE-2024-6855 WP MultiTasking <= 0.1.12 - Exit Popup Update via CSRF
2024-09-0806:00:02
WPScan
github.com
2
cve-2024-6855
wordpress
exit popup
csrf
update
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
17.7%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit popups, which could allow attackers to make logged admins perform such action via a CSRF attack
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:thangnv27:wp_multitasking:*:*:*:*:*:*:*:*"
],
"vendor": "thangnv27",
"product": "wp_multitasking",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "0.1.12"
}
],
"defaultStatus": "unknown"
}
]Related
cve
cve
CVE-2024-6855
2024-09-08 06:15:02
cvelist
cvelist
CVE-2024-6855 WP MultiTasking <= 0.1.12 - Exit Popup Update via CSRF
2024-09-08 06:00:02
nvd
nvd
CVE-2024-6855
2024-09-08 06:15:02
wordfence
wordfence
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
17.7%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-6855