exploitDog

GHSA-v364-qrc6-2qj4

Опубликовано: 15 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks.

The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks.

Ссылки

EPSS

Процентиль: 4%

0.00019

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2024-12301

CVSS3: 6.5

nvd

9 месяцев назад

The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks.

EPSS

Процентиль: 4%

0.00019

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-352