High severity8.8NVD Advisory· Published Jul 12, 2024· Updated Jun 17, 2026
CVE-2024-6024
CVE-2024-6024
Description
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when deleting groups or emails, which could allow attackers to make a logged in admin remove them via a CSRF attack
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- WordPress/ContentLock WordPress plugindescription
<=1.0.3+ 1 more
- (no CPE)range: <=1.0.3
- (no CPE)
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/3d2cdb4f-b7e1-4691-90d1-cddde7f5858e/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.