Lucene search
WPScanCVE-2023-6501HistoryFeb 12, 2024 - 4:15 p.m.
CVE-2023-6501
2024-02-1216:15:08
WPScan
web.nvd.nist.gov
51
splashscreen
wordpress
plugin
csrf
settings
update
admin
security
vulnerability
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Affected configurations
Node
splashscreenRange≤0.20wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| * | splashscreen | * | cpe:2.3:a:*:splashscreen:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Splashscreen",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "0.20"
}
],
"defaultStatus": "affected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Cross site request forgery (csrf)
2024-02-12 16:15:00
wpexploit
wpexploit
Splashscreen <= 0.20 - Settings Update via CSRF
2024-01-19 00:00:00
cvelist
cvelist
CVE-2023-6501 Splashscreen <= 0.20 - Settings Update via CSRF
2024-02-12 16:05:57
nvd
nvd
CVE-2023-6501
2024-02-12 16:15:08
vulnrichment
vulnrichment
CVE-2023-6501 Splashscreen <= 0.20 - Settings Update via CSRF
2024-02-12 16:05:57
wpvulndb
wpvulndb
Splashscreen <= 0.20 - Settings Update via CSRF
2024-01-19 00:00:00
wordfence
wordfence