1 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-8157 – Alphabetical List <= 1.0.3 - Settings Update via CSRF
https://notcve.org/view.php?id=CVE-2024-8157
The Alphabetical List WordPress plugin through 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack • https://wpscan.com/vulnerability/9bc18c41-fc4c-48c9-bcec-323c502ae620 •