CVE-2024-33691

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 26, 2024

CWE ID 352

Summary

CVE-2024-33691 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the OptinMonster Popup Builder from versions n/a through 2.15.3. This issue allows malicious actors to manipulate an affected user's session and execute unintended actions on their behalf, potentially leading to data tampering or unauthorized access. Users are advised to update their OptinMonster plugin to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vn6f2i
https://www.cve.org/CVERecord?id=CVE-2024-33691
https://nvd.nist.gov/vuln/detail/CVE-2024-33691

Back to Vulnerability Database

CVE-2024-33691

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations