Back

CVE-2024-2405

May 2, 2024, 1:27 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Float menu WordPress plugin

  • before 6.0.1

Source

contact@wpscan.com

Tags

contact@wpscan.com
2024-05-02
CVE-2024-2405

CVE-2024-2405 details

Published : May 2, 2024, 6:15 a.m.
Last Modified : May 2, 2024, 1:27 p.m.

Description

The Float menu WordPress plugin before 6.0.1 does not have CSRF check in its bulk actions, which could allow attackers to make logged in admin delete arbitrary menu via a CSRF attack.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://wpscan.com/vulnerability/c42ffa15-6ebe-4c70-9e51-b95bd05ea04d/ contact@wpscan.com
This website uses the NVD API, but is not approved or certified by it.