CVE-2024-7984

CVE-2024-7984: Joy Of Text Lite – SMS messaging for WordPress <= 2.3.1 - Settings Update via CSRF

Vendor Unknown
Product Joy Of Text Lite
Published May 15, 2025
Last update May 17, 2025

CVSS base score

What the vulnerability does

01Description

The Joy Of Text Lite WordPress plugin through 2.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Key dates

02Disclosure timeline

May 15, 2025 CVE published
May 17, 2025 Record updated