The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-07-12T06:00:06.639Z
Updated: 2024-08-01T21:25:03.198Z
Reserved: 2024-06-14T19:18:13.115Z
Link: CVE-2024-6022
Vulnrichment
Updated: 2024-08-01T21:25:03.198Z
NVD
Status : Analyzed
Published: 2024-07-12T06:15:04.893
Modified: 2024-08-02T19:46:23.360
Link: CVE-2024-6022
Redhat
No data.