Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24805

April 25, 2022, 4:16 p.m. |

National Vulnerability Database nist.gov

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.

cve

Senior Product Security Engineer

@ Panther Labs | United States

Lead, DevSecOps

@ Hex Trust | Singapore, Singapore, Singapore

Information Security GRC Lead

@ Bud | London, England, United Kingdom

Security Analyst

@ AnaVation | Quantico, VA

Security Engineer

@ Homebase | Atlanta, Georgia, United States

Principal Offensive Cloud Security Engineer

@ Uptycs | Remote, USA

Security Engineer

@ AnaVation | Quantico, VA

Information Systems Security Manager

@ Barbaricum | Washington, DC

Cloud Engineer - GCP Security Specialist

@ DoiT International | Remote Israel

Security Operations Analyst - Compliance

@ Algolia | London, England

GRC Lead - Software Compliance

@ Ivanti | United States

Security Administrator

@ Trusting Social | Ho Chi Minh City, Ho Chi Minh City, Vietnam