CVE-2025-24715 — Cross-Site Request Forgery in Counter BOX

CWE-352 — Cross-Site Request Forgery3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 77.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wow-company Counter BOX

Timeline

PublishedJan 24

Description

Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box counter-box allows Cross Site Request Forgery.This issue affects Counter Box: from n/a through <= 2.0.5.

Affected Packages2 packages

▶NVDwow-company/counter_box< 2.0.6

▶CVEListV5wow-company/counter_box2.0.5

🔴Vulnerability Details

CVEList

WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability↗2025-01-24

▶

GHSA

GHSA-4384-wg24-m29h: Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site Request Forgery↗2025-01-24

▶