CVE-2021-24251
N/A
N/A
Summary
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.2 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator update arbitrary payment history, such as change their status (from pending to completed to example)
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Business Directory Team | Business Directory Plugin – Easy Listing Directories for WordPress | 5.11.2 < 5.11.2 | affected |
Weaknesses
- CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.