Lucene search
HistoryMay 23, 2023 - 2:15 p.m.
CVE-2023-23713
cve-2023-23713
csrf
vulnerability
theme tweaker plugin
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Cross-Site Request Forgery (CSRF) vulnerability in Manoj Thulasidas Theme Tweaker plugin <= 5.20 versions.
Affected configurations
Node
manoj_thulasidastheme_tweakerRange≤5.20
| CPE | Name | Operator | Version |
|---|---|---|---|
| theme_tweaker_project:theme_tweaker | theme tweaker project theme tweaker | le | 5.20 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "theme-tweaker-lite",
"product": "Theme Tweaker",
"vendor": "Manoj Thulasidas",
"versions": [
{
"lessThanOrEqual": "5.20",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Theme Tweaker <= 5.20 - Cross-Site Request Forgery
2023-02-20 00:00:00
prion
prion
Cross site request forgery (csrf)
2023-05-23 14:15:00
nvd
nvd
CVE-2023-23713
2023-05-23 14:15:09
cvelist
cvelist
wordfence
wordfence
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Related for CVE-2023-23713