CVE-2024-10677 Information

Description

The BTEV WordPress plugin through 2.0.2 does not have CSRF check in place when updating its settings which could allow attackers to make a logged in admin change them via a CSRF attack

Reference

https://wpscan.com/vulnerability/b1bd4216-798a-4e45-a0ba-3699f0af3c7a/