Cross-Site Request Forgery Vulnerability in Karl Kiesinger Country Blocker
CVE-2024-54226

Currently unrated

Key Information:

Vendor: WordPress
Status: Country Blocker
Vendor: CVE Published:; 9 December 2024

What is CVE-2024-54226?

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Country Blocker plugin developed by Karl Kiesinger. This security flaw allows an attacker to perform unauthorized actions on behalf of users, which can lead to Stored Cross-Site Scripting (XSS) attacks. The vulnerability affects all versions from n/a up to 3.2. Upon exploitation, an attacker could store malicious scripts within the application, jeopardizing user data integrity and possibly compromising the overall security of affected websites.

Affected Version(s)

Country Blocker 0 <= 3.2

References

https://patchstack.com/database/Wordpress/Plugin/country-...

vdb-entry

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2024

CVE-2024-54226 Data

JSON

WordPress

What is CVE-2024-54226?

Affected Version(s)

References

Timeline