Vulnerability CVE-2024-8197


Published: 2024-08-27

Description:
The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.03. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

 References:
https://www.wordfence.com/threat-intel/vulnerabilities/id/48d6d4c1-cc87-4c2c-9fbb-90af62f576aa?source=cve
https://wpscan.com/vulnerability/88cacd47-d900-478c-b833-c6c55fd4b082/

Copyright 2026, cxsecurity.com

 

Back to Top