← voltar
CVE-2024-2040

Himer - Social Questions and Answers < 2.1.1 - Arbitrary Group Joining via CSRF

CVSS 6.3 MEDIUMEPSS 0.2%
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make users join private groups via a CSRF attack
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Produtos afetados
Unknown · Himer

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/1b97bbf0-c7d1-4e6c-bb80-f9bf45fbfe1e/