Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-6857

The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating its Header, Footer and Body Script Settings, which could allow attackers to make logged admins perform such action via a CSRF attack

Published

2025-04-09T06:15:39.347

Last Modified

2025-04-22T17:25:10.110

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-352

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ngothang	wp_multitasking	≤ 0.1.12	Yes

References

https://wpscan.com/vulnerability/97636602-2dd0-465b-b6dc-acb42147edb3/ Exploit, Third Party Advisory ([email protected])