OpenCVE

Filtered by vendor Shantz Wordpress Qotd Project Subscriptions

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-24380	1 Shantz Wordpress Qotd Project	1 Shantz Wordpress Qotd	2024-08-03	4.3 Medium
The Shantz WordPress QOTD WordPress plugin through 1.2.2 is lacking any CSRF check when updating its settings, allowing attackers to make logged in administrators change them to arbitrary values.

Page 1 of 1.