High severity8.1NVD Advisory· Published Jul 13, 2024· Updated Jun 17, 2026
CVE-2024-5167
CVE-2024-5167
Description
The CM Email Registration Blacklist and Whitelist WordPress plugin before 1.4.9 does not have CSRF check when adding or deleting an item from the blacklist or whitelist, which could allow attackers to make a logged in admin add or delete settings from the blacklist or whitelist menu via a CSRF attack
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.4.9+ 1 more
- (no CPE)range: <1.4.9
- (no CPE)range: <1.4.9
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/67bb5ab8-4493-4f5b-a989-41576675b61a/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.