PT-2024-22668 · Unknown · Easy-Popup-Show

Daiki Kojima · Published 2024-03-24 · Updated 2024-08-27 · CVE-2024-29009

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: easy-popup-show, all versions

Description: A cross-site request forgery (CSRF) issue allows a remote unauthenticated attacker to hijack the authentication of the administrator and perform unintended operations if the administrator views a malicious page while logged in.

Recommendations: For all versions, consider implementing proper CSRF protection mechanisms, such as token-based validation, to prevent unauthorized actions. As a temporary workaround, restrict access to administrative functions when viewing external or untrusted web pages to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers: CVE-2024-29009

Affected Products: Easy-Popup-Show