CVE-2024-32099

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 15, 2024
CWE ID 352

Summary

CVE-2024-32099 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WP Mail Catcher plugin for WordPress. This issue allows attackers to manipulate users into performing unwanted actions, such as account takeover or data modification, by tricking them into clicking a malicious link. WP Mail Catcher versions from n/a to 2.1.6 are considered vulnerable. Users are urged to update to the latest version as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share