cleantalk
Vulnerabilities and Security Researches

XV Random Quotes, CVE-2024-13580

CVE, Research URL

CVE-2024-13580

Home page URL

Security reports for XV Random Quotes

Application

XV Random Quotes

Published on
Mar 11, 2025
Research Description
The XV Random Quotes WordPress plugin through 1.40 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack
Affected versions
Min -, max 1.40.
Status
vulnerable
Previous vulnerability researches
Multiple Shipping And Billing Address For Woocommerce (CVE-2025-26875) , Mar 12, 2025
Multiple Shipping And Billing Address For Woocommerce (CVE-2024-56290) , Jan 08, 2025
New vulnerability
Business Directory Plugin – Easy Listing Directories for WordPress (CVE-2024-13887) , Mar 14, 2025
AppPresser – Mobile App Framework (CVE-2025-1561) , Mar 14, 2025
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2025-1119) , Mar 14, 2025
CRM and Lead Management by vcita (CVE-2024-13703) , Mar 14, 2025
WP Recipe Maker (CVE-2025-1503) , Mar 14, 2025