Vulnerabilities > Chameleon CSS Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-08	CVE-2021-24626	SQL Injection vulnerability in Chameleon CSS Project Chameleon CSS The Chameleon CSS WordPress plugin through 1.2 does not have any CSRF and capability checks in all its AJAX calls, allowing any authenticated user, such as subscriber to call them and perform unauthorised actions. network low complexity chameleon-css-project CWE-89	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Chameleon CSS Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Chameleon CSS Project"}]}

Vulnerabilities > Chameleon CSS Project