CVE-2024-6412

The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibericode:html_forms:*:*:*:*:*:wordpress:*:*

History

10 Jun 2025, 16:11

Type Values Removed Values Added
CWE CWE-352
CPE cpe:2.3:a:ibericode:html_forms:*:*:*:*:*:wordpress:*:*
First Time Ibericode
Ibericode html Forms
References () https://wpscan.com/vulnerability/9eb0dad6-3c19-4fe4-a20d-d45b51410444/ - () https://wpscan.com/vulnerability/9eb0dad6-3c19-4fe4-a20d-d45b51410444/ - Exploit, Third Party Advisory

01 Aug 2024, 18:35

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-31 06:15

Updated : 2025-06-10 16:11


NVD link : CVE-2024-6412

Mitre link : CVE-2024-6412

CVE.ORG link : CVE-2024-6412


JSON object : View

Products Affected

ibericode

  • html_forms
CWE
CWE-352

Cross-Site Request Forgery (CSRF)