VYPR
Unrated severityNVD Advisory· Published Jul 30, 2024· Updated Aug 1, 2024

WP Ajax Contact Form <= 2.2.2 - Arbitrary Email Deletion via CSRF

CVE-2024-5808

Description

The WP Ajax Contact Form WordPress plugin through 2.2.2 does not have CSRF check in place when deleting emails from the email list, which could allow attackers to make a logged in admin perform such action via a CSRF attack

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.