Vulnerability Details CVE-2024-4969
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets, which could allow attackers to make logged in admin enable/disable widgets via a CSRF attack
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.8%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-4969
-
cpe:2.3:a:devnath_verma:widget_bundle:-
-
cpe:2.3:a:devnath_verma:widget_bundle:2.0.0