CVE-2024-32447

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 15, 2024

CWE ID 352

Summary

CVE-2024-32447 represents a Cross-Site Request Forgery (CSRF) vulnerability that has been identified in AWP Classifieds, a popular WordPress plugin. This issue poses a risk to versions 4.3.1 and below of the AWP Classifieds plugin. A CSRF attack allows an unauthorized user to submit malicious requests on behalf of a victim, potentially leading to unintended actions or data modifications within the affected application. It is essential for users to update their AWP Classifieds plugin to a secure version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vWitf1
https://www.cve.org/CVERecord?id=CVE-2024-32447
https://nvd.nist.gov/vuln/detail/CVE-2024-32447

Back to Vulnerability Database

CVE-2024-32447

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations