CVE-2021-24641
Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
23 nov 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion
Productos afectados
Unknown · Images to WebP¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →