CVE-2024-2970 | tsina News Wall Plugin up to 1.1.0 on WordPress Setting nwap_newslist_page cross-site request forgery

Inserito da Angelo Barbosa | Mar 29, 2024 | CVE

A vulnerability has been found in tsina News Wall Plugin up to 1.1.0 on WordPress and classified as problematic. Affected by this vulnerability is the function nwap_newslist_page of the component Setting Handler. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-2970. The attack can be launched remotely. There is no exploit available.

CVE-2024-2970 | tsina News Wall Plugin up to 1.1.0 on WordPress Setting nwap_newslist_page cross-site request forgery

Post correlati

CVE-2024-4441 | XML Sitemap & Google News Plugin up to 5.4.8 on WordPress file inclusion

CVE-2023-45066 | Smackcoders Export All Plugin up to 2.4.1 on WordPress information disclosure

CVE-2023-1419 | Debezium prior 2.3.0.Alpha1 connector injection

CVE-2023-38055 | easyappointments up to 1.4.x /services/{serviceId} authorization