WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin, 64c4cc86fec741868a7da661556f73f312d61895

CVE, Research URL: 64c4cc86fec741868a7da661556f73f312d61895
Home page URL: Security reports for WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin
Application: WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin
Published on: Sep 04, 2023
Research Description: WP CTA – Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin [easy-sticky-sidebar] < 1.5.9 WordPress WordPress CTA Plugin <= 1.5.6 is vulnerable to Cross Site Request Forgery (CSRF) No patched version is available. This plugin has been closed as of May 9, 2023 and is not available for download. Reason: Licensing/Trademark Violation. Lana Codes discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in WordPress WordPress CTA Plugin. This could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. This vulnerability has not been known to be fixed yet.
Affected versions: max 1.5.9.
Status: vulnerable

WP CTA &#8211; Call To Action Plugin, Sticky CTA, Floating Buttons, Floating Tab Plugin, 64c4cc86fec741868a7da661556f73f312d61895