PT-2024-34813 · Vivwebs · Dynamic Widgets
Ananda Dhakal
·
Published
2024-11-19
·
Updated
2024-11-25
·
CVE-2024-51669
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Vivwebs Dynamic Widgets versions 1.6.4 and earlier
Description
A Cross-Site Request Forgery (CSRF) issue affects the Dynamic Widgets plugin. This allows an attacker to perform unintended actions on a user's website. Users are urged to update to the latest version to mitigate risks.
Recommendations
For versions 1.6.4 and earlier, update to the latest version to mitigate the risk of CSRF attacks.
At the moment, there is no information about additional mitigation measures for this issue.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dynamic Widgets