CVE-2024-13580

Publication date

2025-03-11 06:00:08

Family

WPScan

State

PUBLISHED

Description

The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack