CVE-2024-6751
CVE-2024-6751
Título es
CVE-2024-6751
Mié, 24/07/2024 – 03:15
Tipo
CWE-352
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-6751
Descripción en
The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to add, modify, or delete post meta and plugin options.
24/07/2024
24/07/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Gravedad 3.1 (CVSS 3.1 Base Score)
6.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
