Unrated severityNVD Advisory· Published Mar 26, 2025· Updated Mar 26, 2025
Booknetic < 4.1.5 - Staff Creation via CSRF
CVE-2024-13146
Description
The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack
Affected products
2- WordPress/Bookneticdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/19cb40dd-53b0-46db-beb0-1841e385ce09/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.