CVE-2021-24133
ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings
Lack of CSRF checks in the ActiveCampaign WordPress plugin, versions before 8.0.2, on its Settings form, which could allow attacker to make a logged-in administrator change API Credentials to attacker's account.
Affected products
Unknown · ActiveCampaignWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →