- Description
- The Dyn Business Panel WordPress plugin through 1.0.0 does not have a CSRF check in some places and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.
- Source
- contact@wpscan.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.1
- Impact score
- 3.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
- Severity
- HIGH
- Hype score
- Not currently trending
CVE-2024-13057 (CVSS:7.1, HIGH) is Received. The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisati.. https://t.co/v6HCjiCCg6 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
1 Feb 2025
CVE-2024-13057 The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow atta… https://t.co/69qyUSv8nr
@CVEnew
27 Jan 2025