CVE-2024-2262

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-2262

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-2262.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-2262

Published

2024-04-01T05:15:07.937Z

Modified

2026-03-14T12:31:04.693129Z

Severity

4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Themify WordPress plugin before 1.4.4 does not have CSRF check in its bulk action, which could allow attackers to make logged in users delete arbitrary filters via CSRF attack, granted they know the related filter slugs

References

https://wpscan.com/vulnerability/30544377-b90d-4762-b38a-ec89bda0dfdc/

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "1.4.4"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-2262.json"