CVSS 3.1 Score 4.3 of 10 (medium)


Published May 14, 2024
CWE ID 352


CVE-2024-34817 is a Cross-Site Request Forgery (CSRF) vulnerability that affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, and Ninja Forms versions up to 1.2.0. This vulnerability requires user interaction and can be exploited over a network. The base severity is rated as MEDIUM with a base score of 4.3. The potential danger to an organization includes low integrity impact but no confidentiality impact, meaning that an attacker could manipulate requests and potentially modify data without authentication. To remediate this vulnerability, organizations should update the affected software to the latest version available.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-34817 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options