CVE-2024-24837

Cross-Site Request Forgery (CSRF) vulnerability in FG PrestaShop, FG Drupal and FG Joomla WordPress plugins

CVSS 4.3 MEDIUMEPSS 0.3%CWE-352

Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Productos afectados

Frédéric GILLES · FG Drupal to WordPress Frédéric GILLES · FG Joomla to WordPress Frédéric GILLES · FG PrestaShop to WooCommerce

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://patchstack.com/database/vulnerability/fg-drupal-to-wp/wordpress-fg-drupal-to-wordpress-plugin-3-67-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve https://patchstack.com/database/vulnerability/fg-joomla-to-wordpress/wordpress-fg-joomla-to-wordpress-plugin-4-15-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve https://patchstack.com/database/vulnerability/fg-prestashop-to-woocommerce/wordpress-fg-prestashop-to-woocommerce-plugin-4-44-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve