← Volver a CVEs
CVE-2024-1755
HIGH8.8
Descripcion
The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado4/15/2024
Ultima modificacion5/8/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
computy:nps_computy
Debilidades (CWE)
CWE-120
Referencias
https://wpscan.com/vulnerability/481a376b-55be-4afa-94f5-c3cf8a88b8d1/(contact@wpscan.com)
https://wpscan.com/vulnerability/481a376b-55be-4afa-94f5-c3cf8a88b8d1/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.