CVSS 3.1 Score 5.4 of 10 (medium)


Published Feb 12, 2024
CWE ID 352


CVE-2024-24887 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress versions up to The vulnerability requires user interaction and can be exploited over a network. It has a medium base severity with a base score of 5.4 according to the CVSS:3.1 rating system. The potential impact of this vulnerability is low integrity impact and no confidentiality impact. To remediate the issue, users should update their plugin to the latest version available to mitigate the risk of CSRF attacks on their WordPress site.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-24887 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options