Wpjohnny · Comment Reply Email · CVE-2024-35773
**Name of the Vulnerable Software and Affected Versions**
Comment Reply Email versions 1.3 and earlier
**Description**
The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability and also allows Cross-Site Scripting (XSS) in WPJohnny, specifically in the zerOneIT Comment Reply Email.
**Recommendations**
For versions 1.3 and earlier, update to a version that contains a fix for this issue.