Medium severity4.3NVD Advisory· Published Aug 16, 2021· Updated Jun 17, 2026
CVE-2021-24380
CVE-2021-24380
Description
The Shantz WordPress QOTD WordPress plugin through 1.2.2 is lacking any CSRF check when updating its settings, allowing attackers to make logged in administrators change them to arbitrary values.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.2.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/1dd0f9a8-22ab-4ecc-a925-605822739000nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.