CVE-2021-24805

CVE-2021-24805: DW Question & Answer Pro <= 1.3.4 - Multiple CSRF

Vendor Unknown
Product DW Question Answer Pro
Weakness CWE-352 · CSRF
Published April 25, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status.

Key dates

02Disclosure timeline

April 25, 2022 CVE published
August 3, 2024 Record updated