Descrição
The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issue
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2021-24272
Tags
Nâo informado
Data de publicação
05/05/2021
Última atualização
08/12/2024
Pontuação em CVSS 3.0
4.3
Médio