CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-13580

The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 4.3

References

https://wpscan.com/vulnerability/48cffe03-adcf-4da2-a331-464ae511a805/
https://wpscan.com/vulnerability/48cffe03-adcf-4da2-a331-464ae511a805/

Products affected by CVE-2024-13580

Xavi.ivars » Xv Random Quotes » Version: Any

cpe:2.3:a:xavi.ivars:xv_random_quotes:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-13580

Products

Pricing

Contact Us