CVE-2024-52420

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 19, 2024

CWE ID 352

Summary

CVE-2024-52420 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Disable Admin Notices individually, from version n/a through 1.3.5. Hackers can exploit this issue to perform unauthorized actions on affected websites, as users are tricked into making unwanted requests to the site on behalf of the attacker. This can lead to data theft or unintended modification of settings. Users are advised to update to the latest version of Disable Admin Notices to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0a2YbD
https://www.cve.org/CVERecord?id=CVE-2024-52420
https://nvd.nist.gov/vuln/detail/CVE-2024-52420

Back to Vulnerability Database

CVE-2024-52420

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations