CVE-2024-34814
WordPress Unyson plugin <= 2.7.29 - Cross Site Request Forgery (CSRF) vulnerabilityCross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson.This issue affects Unyson: from n/a through 2.7.29.
We have discovered 9,850 live websites that are affected by CVE-2024-34814.
Affected Software
| Product |  Unyson |
| Category | Wordpress Plugins |
| Vulnerable Domains | 9,850 live websites (67.75% of Unyson install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 106 versions ( 65.84% of all versions) |
Common Weakness Enumeration
CWE-352 Cross-Site Request Forgery (CSRF)Details
- Published - May 10, 2024
- Updated - Aug 2, 2024
Credits
- Dhabaleshwar Das (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2024-34814 usage by Country
 United States | 3,058 websites |
 Germany | 1,105 websites |
 France | 687 websites |
 Poland | 434 websites |
 Russia | 405 websites |
 GB | 323 websites |
 Italy | 310 websites |
 Netherlands | 291 websites |
 Spain | 203 websites |
 Cyprus | 167 websites |
CVE-2024-34814 usage by TLD
| .com | 3,934 websites |
| .org | 539 websites |
| .de | 414 websites |
| .pl | 348 websites |
| .ru | 310 websites |
| .it | 263 websites |
| .net | 240 websites |
| .co.uk | 238 websites |
| .nl | 220 websites |
| .fr | 209 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-34814
Top websites that are affected by CVE-2024-34814. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.com | United States | **,*** | |
| ***********.de | Germany | ***,*** | |
| *************.org | United States | ***,*** | |
| ***.***.uk | Germany | ***,*** | |
| ******.**********.net | United States | ***,*** | |
| ********.com |  Singapore | ***,*** | |
| *******.************.com | United States | ***,*** | |
| *************.com | United States | ***,*** | |
| ****************.org | United States | ***,*** | |
| ****.***.my | United States | ***,*** |
FAQ
CVE-2024-34814 is Cross-Site Request Forgery (CSRF) in Unyson
A total of 9,850 websites have been identified as vulnerable to CVE-2024-34814, discovered through global website indexing conducted by WebTechSurvey.
Unyson is susceptible to CVE-2024-34814 vulnerability.
Unyson versions before, and including, 2.7.29 are vulnerable to CVE-2024-34814.