The 3DPrint Lite WordPress plugin before 2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/725ac766-c849-49d6-a968-58fcc2e134c8/ | Exploit Third Party Advisory |
Configurations
History
17 May 2025, 01:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/725ac766-c849-49d6-a968-58fcc2e134c8/ - Exploit, Third Party Advisory | |
First Time |
Wp3dprinting
Wp3dprinting 3dprint Lite |
|
Summary |
|
|
CPE | cpe:2.3:a:wp3dprinting:3dprint_lite:*:*:*:*:*:wordpress:*:* |
06 Dec 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
CWE | CWE-352 |
06 Dec 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-12-06 06:15
Updated : 2025-05-17 01:54
NVD link : CVE-2024-10480
Mitre link : CVE-2024-10480
CVE.ORG link : CVE-2024-10480
JSON object : View
Products Affected
wp3dprinting
- 3dprint_lite
CWE
CWE-352
Cross-Site Request Forgery (CSRF)