How severe is CVE-2024-3642?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.9 out of 10.

What type of vulnerability is CVE-2024-3642?

This is classified as CWE-352, which is a common weakness in software security.

CVE-2024-3642

MEDIUM Year: 2024

CVSS v3 Score

6.9

Medium

Weakness Type

CWE-352

View all →

Vulnerability Description

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting subscriber, which could allow attackers to make logged in admins perform such action via a CSRF attack

CVE-2024-7035

MEDIUM

CVSS:6.9(Medium)

In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are performed using the GET method. This vulnerability allows an attacker to perform Cross-Site Request For...

CWE-3522024

CVE-2022-3274

HIGH

CVSS:7.0(High)

Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.

CWE-3522022

CVE-2017-1000147

MEDIUM

CVSS:6.8(Medium)

Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the uploader contained in Mahara's filebrowser widget. T...

CWE-3522017