Vulners
Lucene search
CVE-2023-6845
๐๏ธย 08 Jan 2024ย 19:00:38Reported byย WPScanTypeย 
ย cve๐ย web.nvd.nist.gov๐ย 27ย Views๐ WEB
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | CVE-2023-6845 | 25 Jan 202416:22 | โ | circl |
 | WordPress Plugin CommentTweets Security Vulnerability | 8 Jan 202400:00 | โ | cnnvd |
 | CVE-2023-6845 CommentTweets <= 0.6 - Settings Update via CSRF | 8 Jan 202419:00 | โ | cvelist |
 | CVE-2023-6845 | 8 Jan 202419:15 | โ | nvd |
 | WordPress CommentTweets plugin <= 0.6 - Settings Update via CSRF vulnerability | 5 Feb 202621:31 | โ | patchstack |
 | Cross site request forgery (csrf) | 8 Jan 202419:15 | โ | prion |
 | PT-2024-15109 ยท WordPress ยท Commenttweets | 8 Jan 202400:00 | โ | ptsecurity |
 | CVE-2023-6845 | 23 May 202504:57 | โ | redhatcve |
 | CVE-2023-6845 CommentTweets <= 0.6 - Settings Update via CSRF | 8 Jan 202419:00 | โ | vulnrichment |
 | CommentTweets <= 0.6 - Settings Update via CSRF | 16 Dec 202300:00 | โ | wpexploit |
10
Node
[
{
"vendor": "Unknown",
"product": "CommentTweets",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThanOrEqual": "0.6"
}
],
"defaultStatus": "affected",
"collectionURL": "https://wordpress.org/plugins"
}
]| Source | Link |
|---|---|
| magos-securitas | www.magos-securitas.com/txt/2023-6845 |
| wpscan | www.wpscan.com/vulnerability/cbdaf158-f277-4be4-b022-68d18dae4c55 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| twitterlogin | request body | /wp-admin/options-general.php?page=commenttweets%2FTwitterCommentNotification.php | CSRF vulnerability in CommentTweets WordPress plugin allowing unauthenticated actions via forged requests. | CWE-352 |
| twitterpw | request body | /wp-admin/options-general.php?page=commenttweets%2FTwitterCommentNotification.php | CSRF vulnerability in CommentTweets WordPress plugin allowing unauthenticated actions via forged requests. | CWE-352 |
| submit-type | request body | /wp-admin/options-general.php?page=commenttweets%2FTwitterCommentNotification.php | CSRF vulnerability in CommentTweets WordPress plugin allowing unauthenticated actions via forged requests. | CWE-352 |
| submit | request body | /wp-admin/options-general.php?page=commenttweets%2FTwitterCommentNotification.php | CSRF vulnerability in CommentTweets WordPress plugin allowing unauthenticated actions via forged requests. | CWE-352 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
16 May 2025 16:15Current
8.6High risk
Vulners AI Score8.6
CVSS 3.18.8
EPSS0.00275
SSVC