mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
895 B
895 B
CVE-2024-1306
&color=brighgreen)
Description
The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk.
POC
Reference
- https://wpscan.com/vulnerability/c7ce2649-b2b0-43f4-994d-07b1023405e9/
- https://wpscan.com/vulnerability/c7ce2649-b2b0-43f4-994d-07b1023405e9/