CVE-2024-54300

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 352

Summary

CVE-2024-54300 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Neuralabz LTD's AutoWP software. The flaw allows an attacker to force unintended actions from a vulnerable user, who is currently authenticated to the application, by making a malicious request on their behalf. AutoWP versions from n/a to 2.0.8 are reportedly affected by this issue. This vulnerability poses a serious security risk, as it can lead to unauthorized modifications or data theft. It is recommended that users upgrade to the latest version of AutoWP as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share