Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24674

Disclosure Date: November 08, 2021 (last updated February 23, 2025)
The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0