CRM Perks Integration Vulnerable to CSRF Attacks

CVE-2024-34817
4.3MEDIUM

Key Information

Vendor
Crm Perks
Status
Integration For Pipedrive And Contact Form 7, WPforms, Elementor, Ninja Forms
Vendor
CVE Published:
14 May 2024

Summary

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0.

Affected Version(s)

Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.2.0

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database

Credit

Joshua Chan (Patchstack Alliance)
.