Vulnerabilities > Era404 > Stafflist > 3.1.5

DATE CVE VULNERABILITY TITLE RISK
2025-02-12 CVE-2024-13749 Cross-site Scripting vulnerability in Era404 Stafflist
The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3.
network
low complexity
era404 CWE-79
6.1
6.1