CVE-2024-8245

Medium CVSS: 4.3

The GamiPress WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Vendor

Gamipress

Product

Gamipress - Reset User

CWE

CWE-352

Yayın Tarihi

2025-05-15 20:15:58

Güncelleme

2025-06-12 15:25:29

Source Identifier

contact@wpscan.com

KEV Date Added

Kategoriler

CWE-352 Gamipress - Reset User MEDIUM Gamipress 2025

Referanslar

https://wpscan.com/vulnerability/3fb6292c-502c-481a-8223-ecda03d4c3fe/

Benzer Kayıtlar

High

CVE-2024-13495

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress…

High

CVE-2024-13496

The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is…

High

CVE-2024-13499

The The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress…