1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13146 – Booknetic < 4.1.5 - Staff Creation via CSRF
https://notcve.org/view.php?id=CVE-2024-13146
26 Mar 2025 — The Booknetic WordPress plugin before 4.1.5 does not have CSRF check when creating Staff accounts, which could allow attackers to make logged in admin add arbitrary Staff members via a CSRF attack • https://wpscan.com/vulnerability/19cb40dd-53b0-46db-beb0-1841e385ce09 •