Cross-Site Request Forgery Vulnerability in CridioStudio ListingPro
CVE-2024-39623
8.8HIGH
Summary
A Cross-Site Request Forgery (CSRF) vulnerability exists in CridioStudio's ListingPro, impacting versions from n/a through 2.9.4. This flaw can potentially allow attackers to bypass authentication, compromising user accounts and facilitating unauthorized access to sensitive information. Users and administrators are advised to take precautionary measures to secure their systems against this vulnerability.
Affected Version(s)
ListingPro <= 2.9.4
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)