CVE-2024-24884

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 12, 2024

CWE ID 352

Summary

CVE-2024-24884 denotes a Cross-Site Request Forgery (CSRF) vulnerability discovered in ARI Soft Contact Form 7 Connector. This issue puts at risk Contact Form 7 Connector versions from n/a to 1.2.2. A successful exploit of this CSRF vulnerability could enable an attacker to perform unintended actions on the affected user's website, such as modifying forms or submitting data on their behalf. It is crucial for users to promptly update their Contact Form 7 Connector to a patched version to mitigate this security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uXKULZ
https://www.cve.org/CVERecord?id=CVE-2024-24884
https://nvd.nist.gov/vuln/detail/CVE-2024-24884

Back to Vulnerability Database

CVE-2024-24884

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations