Lucene search

CVE-2023-6968

🗓️ 06 Jun 2024 02:52:15Reported by WordfenceType

Vulnerability in Moneytizer WordPress plugin. Missing nonce validation allows unauthorized access to sensitive data and settings.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Vulnrichment	CVE-2023-6968 The Moneytizer <= 9.5.20 - Cross-Site Request Forgery via multiple AJAX actions	6 Jun 202402:02	–	vulnrichment
WPVulnDB	The Moneytizer <= 9.5.20 - Cross-Site Request Forgery via multiple AJAX actions	5 Jun 202400:00	–	wpvulndb
Cvelist	CVE-2023-6968 The Moneytizer <= 9.5.20 - Cross-Site Request Forgery via multiple AJAX actions	6 Jun 202402:02	–	cvelist
NVD	CVE-2023-6968	6 Jun 202402:15	–	nvd
Patchstack	WordPress The Moneytizer Plugin <= 9.6.3 is vulnerable to Cross Site Request Forgery (CSRF)	6 Jun 202400:00	–	patchstack
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)	13 Jun 202415:35	–	wordfence

Nvd

Vulners

Node

themoneytizer the_moneytizerRange<10.0.1wordpress

[
  {
    "vendor": "lvaudore",
    "product": "The Moneytizer",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "9.5.20",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/14351561-bd31-4aaa-931a-e72917458013
wordpress	www.wordpress.org/plugins/the-moneytizer/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 02:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS35.4 - 8.1

EPSS0.00027

SSVC

CWE-352