Description
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of administrators for requests that delete (1) categories or (2) fields.
Remediation
References
Related Vulnerabilities
WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
SharePoint CVE-2020-17089 Vulnerability (CVE-2020-17089)
WordPress Plugin GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9)
Apache HTTP Server CVE-2024-40725 Vulnerability (CVE-2024-40725)