CVE-2024-2964 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting option_page cross-site request forgery

Inserito da Angelo Barbosa | Mar 29, 2024 | CVE

A vulnerability classified as problematic has been found in marubon Pocket News Generator Plugin up to 0.2.0 on WordPress. This affects the function option_page of the component Setting Handler. The manipulation leads to cross-site request forgery.

This vulnerability is uniquely identified as CVE-2024-2964. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-2964 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting option_page cross-site request forgery

Post correlati

CVE-2024-29454 | ROS2 Humble Hawksbill improper authorization

CVE-2023-45725 | Apache CouchDB up to 3.3.2 Design Document improper authorization

CVE-2024-6328 | MStore API Plugin up to 4.14.7 on WordPress improper authentication

CVE-2023-48697 | azure-rtos usbx up to 6.2.1 null pointer dereference (GHSA-p2p9-wp2q-wjv4)