← Back

Shantz Wordpress Qotd Project

shantz_wordpress_qotd_project

1 CVE • 1 product

Products (1)

Click to collapse
Toggle
Shantz Wordpress Qotd
shantz_wordpress_qotd
1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24380
1Shantz Wordpress Qotd Project
1Shantz Wordpress Qotd
Jun 17, 2026
Aug 16, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
The Shantz WordPress QOTD WordPress plugin through 1.2.2 is lacking any CSRF check when updating its settings, allowing attackers to make logged in administrators change them to arbitrary values.