Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-4969

Disclosure Date: June 21, 2024 (last updated June 25, 2024)
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets, which could allow attackers to make logged in admin enable/disable widgets via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0