CVE-2021-43559 - AskarLabs CVE Database

CVE-2021-43559

Vendor N/A

Product moodle

Weakness CWE-352 · CSRF

Published November 22, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.

Key dates

02Disclosure timeline

November 22, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-43559 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2024-56012 WordPress Flash News / Post (Responsive) plugin <= 4.1 - CSRF to Privilege Escalation vulnerability CVE-2026-3772 WP Editor <= 1.2.9.2 - Cross-Site Request Forgery to Remote Code Execution via Plugin and Theme File Editor CVE-2025-32498 WordPress VKontakte Cross-Post plugin <= 0.3.2 - CSRF to Stored XSS vulnerability CVE-2024-32101 WordPress Email Marketing for WooCommerce plugin <= 1.14.3 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-32673 WordPress Epeken All Kurir plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability