Security Advisory

CVE-2021-24805

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-25 15:50:43

Last updated 2024-08-03 19:42:17

Assigner WPScan

State PUBLISHED

Description

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.

← Browse all CVEs View on cve.org ↗