๐Ÿ” CVE Alert

CVE-2024-35684

UNKNOWN 0.0

WordPress ElasticPress plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress elasticpress.This issue affects ElasticPress: from n/a through <= 5.1.1.

CWE CWE-352
Vendor 10up
Product elasticpress
Published Jun 8, 2024
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for 10up elasticpress

Be the first to know when new unknown vulnerabilities affecting 10up elasticpress are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

10up / ElasticPress
0 โ‰ค 5.1.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/elasticpress/vulnerability/wordpress-elasticpress-plugin-5-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve patchstack.com: https://patchstack.com/database/vulnerability/elasticpress/wordpress-elasticpress-plugin-5-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Credits

Ananda Dhakal (Patchstack)