How severe is CVE-2024-3643?

CVE-2024-3643 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-3643

Name: newsletter_popup
Author: mndpsingh287

8.8HIGH

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting list, which could allow attackers to make logged in admins perform such action via a CSRF attack

Опубликовано: 5/16/2024Обновлено: 1/9/2026

Описание

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF check when deleting list, which could allow attackers to make logged in admins perform such action via a CSRF attack

ИИ-АнализНа базе ИИ

Затронутые продукты

mndpsingh287newsletter_popup

Ссылки

https://wpscan.com/vulnerability/698277e6-56f9-4688-9a84-c2fa3ea9f7dc/
ExploitThird Party Advisory
https://wpscan.com/vulnerability/698277e6-56f9-4688-9a84-c2fa3ea9f7dc/
ExploitThird Party Advisory