CVEブラウザに戻る

CVE-2021-24711

HIGH

8.8

CVSS Severity Score

EPSS Score0.0360%

EPSS Percentile11.99th

Published2021年10月11日

Last Modified2024年11月21日

Vulnerability Description

The del_reistered_domains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF checks, and is vulnerable to a CSRF attack

Affected Platforms (CPE)

📦

Tipsandtricks Hq

Software License Manager

< 4.5.1

References & Advisories

🔗 https://jetpack.com/2021/09/14/csrf-vulnerability-found-in-software-license-manager-plugin/

🔗 https://wpscan.com/vulnerability/3351bc30-e5ff-471f-8d1c-b1bcdf419937

🔗 https://jetpack.com/2021/09/14/csrf-vulnerability-found-in-software-license-manager-plugin/

🔗 https://wpscan.com/vulnerability/3351bc30-e5ff-471f-8d1c-b1bcdf419937

関連する脆弱性情報

CVE-2020-31409.8

A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remo...

CVE-2021-207828.8

Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hij...

CVE-2020-34998.6

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remot...

CVE-2020-102928.2

Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning a...