Lucene search
WpvulndbWPVDB-ID:AD6D9B14-6057-43C8-A197-8214D271BE32HistoryFeb 08, 2024 - 12:00 a.m.
Contact Form 7 Connector < 1.2.3 - Cross-Site Request Forgery
2024-02-0800:00:00
wpscan.com
9
wordpress
plugin
vulnerability
cross-site request forgery
contact form 7 connector
Description The Contact Form 7 Connector plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.2. This is due to missing or incorrect nonce validation on several function. This makes it possible for unauthenticated attackers to perform unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Related
nvd
nvd
CVE-2024-24884
2024-02-12 09:15:12
prion
prion
Cross site request forgery (csrf)
2024-02-12 09:15:00
cvelist
cvelist
vulnrichment
vulnrichment
cve
cve
CVE-2024-24884
2024-02-12 09:15:12
wordfence
wordfence
AI Score
6.6
Confidence
Low
EPSS
0
Percentile
9.0%
Related for WPVDB-ID:AD6D9B14-6057-43C8-A197-8214D271BE32