CVE-2024-30518

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Mar 29, 2024

Updated: Apr 1, 2024

CWE ID 352

Summary

CVE-2024-30518 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the ThemeLocation Custom WooCommerce Checkout Fields Editor. This issue allows an attacker to manipulate user actions on a vulnerable website, potentially leading to unauthorized changes or data theft. Specifically, the vulnerability exists in versions of the plugin from n/a through 1.3.0. As a result, users running these versions are at risk and should update the plugin as soon as a patch is released.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vFgZNA
https://www.cve.org/CVERecord?id=CVE-2024-30518
https://nvd.nist.gov/vuln/detail/CVE-2024-30518

Back to Vulnerability Database

CVE-2024-30518

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations