The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/ | Third Party Advisory |
Configurations
History
07 Aug 2024, 20:53
Type | Values Removed | Values Added |
---|---|---|
First Time |
Dmytropopov light Poll
Dmytropopov |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-352 | |
References | () https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/ - Third Party Advisory | |
CPE | cpe:2.3:a:dmytropopov:light_poll:*:*:*:*:*:wordpress:*:* | |
Summary |
|
06 Aug 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-06 16:15
Updated : 2024-10-28 20:35
NVD link : CVE-2024-6720
Mitre link : CVE-2024-6720
CVE.ORG link : CVE-2024-6720
JSON object : View
Products Affected
dmytropopov
- light_poll
CWE
CWE-352
Cross-Site Request Forgery (CSRF)