cleantalk
Vulnerabilities and Security Researches

Most And Least Read Posts Widget, CVE-2024-49628

CVE, Research URL

CVE-2024-49628

Home page URL

Security reports for Most And Least Read Posts Widget

Application

Most And Least Read Posts Widget

Published on
Oct 20, 2024
Research Description
Most And Least Read Posts Widget [most-and-least-read-posts-widget] < 2.5.19 CVE-2024-49628 [en] Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18.
Affected versions
max 2.5.19.
Status
vulnerable
Previous vulnerability researches
Most And Least Read Posts Widget (CVE-2023-52133) , Jun 06, 2024
Most And Least Read Posts Widget (CVE-2024-49628) , Oct 22, 2024
Most And Least Read Posts Widget (CVE-2025-39549) , Apr 18, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025