cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-6024,https://securityvulnerability.io/vulnerability/CVE-2024-6024,CSRF Vulnerability in ContentLock WordPress Plugin Affects Group and Email Deletion,"The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when deleting groups or emails, which could allow attackers to make a logged in admin remove them via a CSRF attack",Wordpress,Contentlock,,,0.0004299999854993075,false,,false,false,true,true,false,false,2024-07-12T06:00:07.258Z,0
CVE-2024-6023,https://securityvulnerability.io/vulnerability/CVE-2024-6023,plugin vulnerability could allow CSRF attacks on logged in admins,"The ContentLock WordPress plugin, up to version 1.0.3, is susceptible to Cross-Site Request Forgery (CSRF) attacks due to the absence of adequate CSRF protection mechanisms when adding email addresses. This vulnerability could potentially allow an attacker to exploit the functionality and perform actions on behalf of an authenticated admin, leading to unauthorized modifications and data exposure.",Wordpress,Contentlock,8.8,HIGH,0.000750000006519258,false,,false,false,true,true,false,false,2024-07-12T06:00:06.958Z,0
CVE-2024-6022,https://securityvulnerability.io/vulnerability/CVE-2024-6022,"Without CSRF Protection, Admins May Fall Prey to Survey Scams","The ContentLock WordPress plugin versions up to 1.0.3 is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw arises from the absence of proper CSRF checks when administrators attempt to update the plugin settings. As a result, malicious actors can exploit this weakness to manipulate logged-in administrators into changing critical settings without their consent, potentially compromising the security of the WordPress site. Website owners are advised to apply necessary patches and implement security best practices to mitigate this risk.",Wordpress,Contentlock,8.8,HIGH,0.000750000006519258,false,,false,false,true,true,false,false,2024-07-12T06:00:06.639Z,0