CVE-2024-33680

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Apr 26, 2024

CWE ID 352

Summary

CVE-2024-33680 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the MainWP Child Reports from versions n/a through 2.1.1. Attackers can exploit this issue to perform unintended actions on a victim's WordPress site, as they can make unauthorized requests on their behalf. The CSRF vulnerability poses a significant risk, as it can lead to data manipulation, account takeover, and other malicious activities. Users running the affected versions of MainWP Child Reports are advised to patch their systems as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vnsF1j
https://www.cve.org/CVERecord?id=CVE-2024-33680
https://nvd.nist.gov/vuln/detail/CVE-2024-33680

Back to Vulnerability Database

CVE-2024-33680

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations