Vendor

Booknetic

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-13146	Booknetic Booknetic		0.00	—	0.00		Mar 26, 2025	The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack

CVE-2024-13146Mar 26, 2025
Booknetic
Booknetic
risk 0.00cvss —epss 0.00
The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack