The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Lucas Garcia
Lucas Garcia posts Reminder |
|
CPEs | cpe:2.3:a:lucas_garcia:posts_reminder:*:*:*:*:*:*:*:* | |
Vendors & Products |
Lucas Garcia
Lucas Garcia posts Reminder |
|
Metrics |
cvssV3_1
|
Tue, 17 Sep 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Posts reminder WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |
Title | Posts reminder <= 0.20 - Settings Update via CSRF | |
References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2024-09-17T06:00:06.839Z
Updated: 2024-09-17T13:53:06.906Z
Reserved: 2024-08-22T13:39:25.536Z
Link: CVE-2024-8093
Vulnrichment
Updated: 2024-09-17T13:53:00.600Z
NVD
Status : Awaiting Analysis
Published: 2024-09-17T06:15:02.977
Modified: 2024-09-20T12:31:20.110
Link: CVE-2024-8093
Redhat
No data.