Unrated severityNVD Advisory· Published Jul 12, 2024· Updated Aug 1, 2024
ContentLock <= 1.0.3 - Groups/Emails Deletion via CSRF
CVE-2024-6024
Description
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when deleting groups or emails, which could allow attackers to make a logged in admin remove them via a CSRF attack
Affected products
2- WordPress/ContentLock WordPress plugindescription
- Range: <=1.0.3
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/3d2cdb4f-b7e1-4691-90d1-cddde7f5858e/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.