CVE-2021-24802

Summary

The Colorful Categories WordPress plugin before 2.0.15 does not enforce nonce checks which could allow attackers to make a logged in admin or editor change taxonomy colors via a CSRF attack

Affected Software

VendorProductVersion RangeStatus
UnknownColorful Categories2.0.15 < 2.0.15affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References