CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37941 – WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-37941
09 Jul 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO Auto Linker for WordPress.This issue affects Internal Link Juicer: SEO Auto Linker for WordPress: from n/a through 2.24.3. The Internal Link Juicer: SEO Auto Linker for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.24.3. This is due to missing or incorrect nonce validation on the ilj_rebuild_index and ilj_render_batch_info functions. This makes it... • https://patchstack.com/database/vulnerability/internal-links/wordpress-internal-link-juicer-seo-auto-linker-for-wordpress-plugin-2-24-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •