How severe is CVE-2024-7690?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2024-7690?

This is classified as CWE-352, which is a common weakness in software security.

CVE-2024-7690

MEDIUM Year: 2024

CVSS v3 Score

5.4

Medium

Weakness Type

CWE-352

View all →

Vulnerability Description

The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

CVE-2013-2108

MEDIUM

CVSS:5.4(Medium)

WordPress WP Cleanfix Plugin 2.4.4 has CSRF

CWE-3522013

Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to hijack the authentica...

CWE-3522015

CVE-2015-9425

MEDIUM

CVSS:5.4(Medium)

The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=opanda-item&page=license-manager-sociallocker-next licensekey parameter.

CWE-3522015

CVE-2016-3098

MEDIUM

CVSS:5.4(Medium)

Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code.

CWE-3522016

CVE-2017-18485

MEDIUM

CVSS:5.4(Medium)

Cognitoys Dino devices allow profiles_add.html CSRF.

CWE-3522017

CVE-2018-0146

MEDIUM

CVSS:5.4(Medium)

A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. Th...

CWE-3522018

CVE Security Database

CVE-2024-7690

Vulnerability Description

CVE-2013-2108

CVE-2015-5037

CVE-2015-9425

CVE-2016-3098

CVE-2017-18485

CVE-2018-0146

CVE-2024-7690

Vulnerability Description

Related Vulnerabilities

CVE-2013-2108

CVE-2015-5037

CVE-2015-9425

CVE-2016-3098

CVE-2017-18485

CVE-2018-0146