Vulnerability Details CVE-2024-25904
Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and Styles: from n/a through 1.1.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.0%
CVSS Severity
CVSS v3 Score 4.3
References
- https://patchstack.com/database/vulnerability/tinymce-and-tinymce-advanced-professsional-formats-and-styles/wordpress-tinymce-and-tinymce-advanced-professsional-formats-and-styles-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/tinymce-and-tinymce-advanced-professsional-formats-and-styles/wordpress-tinymce-and-tinymce-advanced-professsional-formats-and-styles-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Products affected by CVE-2024-25904
-
cpe:2.3:a:blackbam:tinymce_and_tinymce_advanced_professsional_formats_and_styles:*