CVE-2024-37452

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jan 2, 2025
CWE ID 352

Summary

CVE-2024-37452 is a Cross-Site Request Forgery (CSRF) vulnerability affecting MyThemeShop's Schema Lite. Hackers can exploit this issue to manipulate user actions on affected websites, including unintended data modifications. The vulnerability exists in Schema Lite versions from n/a through 1.2.2, making it crucial for users to update to a secure version as soon as possible. This weakness can lead to serious consequences, including data theft or unauthorized actions, emphasizing the importance of prompt patching.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share