AskarLabs AskarLabs
Home

CMS Security

vs vScan Continuous CMS vulnerability scanning wa WP-Audit Wordpress Security Audit Tool

Identity & Access

pl PasswordLab Self-hosted password manager for business
Docs

Browse

all All CVEs Full database, no filters wp WooCommerce CVEs Plugins wp Elementor CVEs Plugins

By Platform

wp WordPress CVEs Plugins, themes & core jm Joomla CVEs Extensions & core dr Drupal CVEs Modules & core
Talk to us
Home / CVE Database / CVE-2024-34007
CVE-2024-34007

CVE-2024-34007: moodle: logout CSRF in admin/tool/mfa/auth.php

Weakness CWE-352 · CSRF
Published May 31, 2024
Last update November 21, 2024
View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The logout option within MFA did not include the necessary token to avoid the risk of users inadvertently being logged out via CSRF.

Key dates

02Disclosure timeline

May 31, 2024 CVE published
November 21, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-34007 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2020-36707 Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery CVE-2022-40671 WordPress Rate my Post – WP Rating System plugin <= 3.3.4 - Cross-Site Request Forgery (CSRF) vulnerability CVE-2025-30521 WordPress GP Back To Top plugin <= 3.0 - Cross Site Request Forgery (CSRF) vulnerability CVE-2023-33212 WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2024-31371 WordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability

Identifiers

CVE CVE-2024-34007
CWE CWE-352

Affected versions

No affected product data available.

ASKARLABS
AskarLabs

We build essential tools for the teams keeping things running - quiet, honest software for the sites you ship and the secrets your team types every day.

CMS Security

  • vScan
  • WP-Audit

Identity & Access

  • PasswordLab
  • Features
  • Pricing
  • Free license

Resources

  • Docs
  • CVE Database
  • WordPress CVEs
  • Joomla CVEs
  • Drupal CVEs

Company

  • Contact
  • Security

Legal

  • Privacy
  • Terms
  • Cookies
  • GDPR
© 2026 AskarLabs. All trademarks are the property of their respective owners.
AskarLabs
CMS Security
vScan WP Audit
Identity & Access
PasswordLab Docs
CVE Database
All CVEs WordPress CVEs Joomla CVEs Drupal CVEs Talk to us