Lucene search
WPScanVULNRICHMENT:CVE-2024-2376HistoryJul 03, 2024 - 6:00 a.m.
CVE-2024-2376 WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
2024-07-0306:00:04
WPScan
github.com
2
cve-2024-2376
wordpress
csrf
vulnerability
wpqa builder plugin
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
24.3%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:*:*:*"
],
"vendor": "2code",
"product": "wpqa_builder",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "6.1.1",
"versionType": "semver"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
cve
cve
CVE-2024-2376
2024-07-03 06:15:03
nvd
nvd
CVE-2024-2376
2024-07-03 06:15:03
wpexploit
wpexploit
WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
2024-06-12 00:00:00
wpvulndb
wpvulndb
WPQA < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF
2024-06-12 00:00:00
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
24.3%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-2376