From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Plugin Name: DN Popup <= 1.2.2 2. Vulnerability Type: CSRF (Cross-Site Request Forgery) 3. Description: The plugin lacks CSRF protection when updating its settings, allowing attackers to modify admin settings via CSRF attacks. 4. Affected Plugin: dn-popup 5. Reference: CVE-2024-7690 6. Classification: - Type: CSRF - OWASP Top 10: A2: Broken Authentication and Session Management - CWE: CWE-352 7. Original Researcher: Bob Matyas 8. Submitter: Bob Matyas 9. Submitter Website: https://www.bobmatyas.com 10. Submitter Twitter: bobmatyas 11. Verification Status: Yes 12. WPVDB ID: 1f941d51-1eaf-424a-95b8-ccaa3fdd339b 13. Public Release Date: 2024-08-12 14. Added Date: 2024-08-13 15. Last Updated Date: 2024-08-13 16. Others: - Logo Showcase with Slick Slider < 2.0.1 - Arbitrary Media Title/Description/Alt Text/URL Update via CSRF - My wpdb < 2.5 - Arbitrary SQL Query via CSRF - Clock In Portal <= 2.2 - Staff Deletion via CSRF - Business Card <= 1.0.0 - Card Edit via CSRF - Community by PeepSo < 6.0.3.0 - Multiple CSRF This information provides a detailed description and scope of impact for the CSRF vulnerability in the DN Popup <= 1.2.2 plugin.