CVE-2024-5030

LOW Year: 2024
CVSS v3 Score
3.8
Low
Weakness Type
CWE-352
View all →

Vulnerability Description

The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin perform such action via a CSRF attack

Related Vulnerabilities

CVE-2022-41925

LOW
CVSS:3.8(Low)

A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables. In the Tailscale client, the pee...

CWE-3522022

CVE-2024-35039

LOW
CVSS:3.8(Low)

idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.

CWE-3522024

CVE-2024-39156

LOW
CVSS:3.8(Low)

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mudi=add.

CWE-3522024

CVE-2024-39157

LOW
CVSS:3.8(Low)

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=del&dataType=&dataID=1.

CWE-3522024

CVE-2024-31265

LOW
CVSS:3.7(Low)

Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a through 1.34.

CWE-3522024