CVE-2024-2970 | tsina News Wall Plugin up to 1.1.0 on WordPress Setting nwap_newslist_page cross-site request forgery

Inserito da Angelo Barbosa | Mar 29, 2024 | CVE

A vulnerability has been found in tsina News Wall Plugin up to 1.1.0 on WordPress and classified as problematic. Affected by this vulnerability is the function nwap_newslist_page of the component Setting Handler. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-2970. The attack can be launched remotely. There is no exploit available.

CVE-2024-2970 | tsina News Wall Plugin up to 1.1.0 on WordPress Setting nwap_newslist_page cross-site request forgery

Post correlati

CVE-2024-37127 | Dell Peripheral Manager up to 1.7.5 Symbolic Links uncontrolled search path (dsa-2024-242)

CVE-2024-37301 | adfinis document-merge-service up to 6.5.1 Template special elements used in a template engine (GHSA-v5gf-r78h-55q6)

CVE-2014-125109 | BestWebSoft Portfolio Plugin up to 2.27 bws_menu/bws_menu.php bws_add_menu_render bwsmn_form_email cross site scripting

CVE-2024-26624 | Linux Kernel up to 6.8-rc2 af_unix sk_diag_dump_icons information disclosure