WordPress Plugin Vulnerable to CSRF Attacks

CVE-2024-6136

Currently unrated 🤨

Key Information

Vendor: WordPress
Status: WP-cart-for-digital-products
Vendor: CVE Published:; 12 August 2024

Summary

The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

Affected Version(s)

wp-cart-for-digital-products < 8.5.6

Timeline

Vulnerability published.
Aug 12, 2024
Vulnerability Reserved.
Jun 18, 2024

Collectors

NVD DatabaseMitre Database

Credit

Bob Matyas

WPScan