cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2021-4404,https://securityvulnerability.io/vulnerability/CVE-2021-4404,Cross-Site Request Forgery Vulnerability in Event Espresso 4 Decaf Plugin for WordPress,"The Event Espresso 4 Decaf plugin for WordPress is susceptible to Cross-Site Request Forgery (CSRF) due to inadequate nonce validation in the ajaxHandler() function. This vulnerability enables unauthenticated attackers to exploit the system by tricking site administrators into performing actions via a maliciously crafted request, potentially leading to unauthorized access to notifications or sensitive functionalities. It is crucial for users of version 4.10.11 and earlier to apply the appropriate updates to mitigate these risks.",Wordpress,Event Espresso 4 Decaf – Event Registration Event Ticketing,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,false,false,2023-07-01T05:33:29.497Z,0