VYPR

Genie WP Favicon

by WordPress

CVEs (1)

  • CVE-2021-24674MedNov 8, 2021
    risk 0.42cvss 6.5epss 0.01

    The Genie WP Favicon WordPress plugin through 0.5.2 does not have CSRF in place when updating the favicon, which could allow attackers to make a logged in admin change it via a CSRF attack