Vulnerabilities > Chameleon CSS Project > Chameleon CSS > 1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-08	CVE-2021-24626	Unspecified vulnerability in Chameleon CSS Project Chameleon CSS The Chameleon CSS WordPress plugin through 1.2 does not have any CSRF and capability checks in all its AJAX calls, allowing any authenticated user, such as subscriber to call them and perform unauthorised actions. network low complexity chameleon-css-project	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.