RSS   Vulnerabilities for 'Activecampaign'   RSS

2021-03-18
 
CVE-2021-24133

CWE-352
 

 
Lack of CSRF checks in the ActiveCampaign WordPress plugin, versions before 8.0.2, on its Settings form, which could allow attacker to make a logged-in administrator change API Credentials to attacker's account.

 

 >>> Vendor: Activecampaign 9 Products
Knowledgebuilder
1-2-all broadcast email
Supporttrio
1-2-all
General
Isalient
Visualedit
Triolive
Activecampaign


Copyright 2021, cxsecurity.com

 

Back to Top