CVE-2024-31430
Description
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.1; BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net: from n/a through 1.1.4.1.
CWE
- CWE-352 — CWE-352 Cross-Site Request Forgery (CSRF)
Affected
- realmag777 / WOLF – WordPress Posts Bulk Editor and Manager Professional — v=n/a ≤1.0.8.1 [affected]
- realmag777 / BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net — v=n/a ≤1.1.4.1 [affected]
CVSS
- 3.1 score=4.3 severity=MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
References
- https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-8-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve vdb-entry
- https://patchstack.com/database/vulnerability/woo-bulk-editor/wordpress-bear-bulk-editor-and-products-manager-professional-for-woocommerce-plugin-1-1-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve vdb-entry
Source
cvelistV5-main/cves/2024/31xxx/CVE-2024-31430.json