CVE-2024-12709

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 30, 2025

Summary

CVE-2024-12709 is a vulnerability affecting the Bulk Me Now! WordPress plugin before version 2.0. This issue lacks Cross-Site Request Forgery (CSRF) protection in certain areas, creating an opportunity for attackers to manipulate logged-in users into executing unwanted actions through CSRF attacks. Successful exploitation could potentially lead to unintended modifications or unauthorized access to the affected WordPress site. Users are advised to update the plugin to a patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1sSOpT
https://www.cve.org/CVERecord?id=CVE-2024-12709
https://nvd.nist.gov/vuln/detail/CVE-2024-12709

Back to Vulnerability Database

CVE-2024-12709

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations