exploitDog

CVE-2024-25572

Опубликовано: 11 апр. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.

Ссылки

https://jvn.jp/en/jp/JVN50361500/
Third Party Advisory
https://ninjaforms.com/
Product
https://wordpress.org/plugins/ninja-forms/
Product
https://jvn.jp/en/jp/JVN50361500/
Third Party Advisory
https://ninjaforms.com/
Product
https://wordpress.org/plugins/ninja-forms/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*

Версия до 3.4.31 (исключая)

EPSS

Процентиль: 41%

0.00191

Низкий

8.8 High

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-p777-v2c9-7gxq

CVSS3: 8.8

github

почти 2 года назад

Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a website administrator views a malicious page while logging in, unintended operations may be performed.

EPSS

Процентиль: 41%

0.00191

Низкий

8.8 High

CVSS3

Дефекты

CWE-352