What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through <= 1.6.4.
CVE-2024-51669
MEDIUM
CVE-2024-51669: WordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
November 19, 2024
CVE published
May 11, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-31849 Missing CSRF Protection on Administrative Endpoints in Nexxt Nebula 300+
CVE-2024-41776 IBM Cognos Controller cross-site request forgery
CVE-2022-41927 XWiki Platform vulnerable to Cross-Site Request Forgery (CSRF) allowing to delete or rename tags
CVE-2021-4422 POST SMTP Mailer <= 2.0.20 - Cross-Site Request Forgery Bypass
CVE-2023-40558 WordPress Video Gallery & Management Plugin <= 3.3.5 is vulnerable to Cross Site Request Forgery (CSRF)
