CVE Catalog

CVE-2024-32110

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

10th percentile — higher than 10% of all known CVEs

Summary

CVE-2024-32110 describes a Cross-Site Request Forgery (CSRF) vulnerability in Magepeople inc.'s WpEvently, allowing for CSRF attacks.

Risk Assessment

An attacker could exploit this vulnerability to perform unauthorized actions on behalf of users, potentially leading to data loss or unauthorized access.

Recommendation

It is recommended to update WpEvently to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Cross-Site request forgery (CSRF) vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This issue affects WpEvently: from n/a through 4.1.2.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS