Lucene search

CVE-2023-0385

🗓️ 18 Jan 2023 14:55:18Reported by WordfenceType

The Custom 404 Pro plugin in WordPress up to version 3.7.1 is vulnerable to Cross-Site Request Forgery, allowing unauthenticated attackers to delete logs

Reporter	Title	Published	Views	Family All 5
Vulnrichment	CVE-2023-0385	18 Jan 202314:18	–	vulnrichment
CVE	CVE-2023-0385	18 Jan 202315:15	–	cve
Patchstack	WordPress Custom 404 Pro Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)	18 Jan 202300:00	–	patchstack
NVD	CVE-2023-0385	18 Jan 202315:15	–	nvd
Prion	Cross site request forgery (csrf)	18 Jan 202315:15	–	prion

[
  {
    "vendor": "kunalnagar",
    "product": "Custom 404 Pro",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "3.7.1",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/968920b9-febf-4d76-a16b-f27954cd72e5
plugins	www.plugins.trac.wordpress.org/browser/custom-404-pro/tags/3.7.1/admin/AdminClass.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Jan 2023 14:18Current

4.6Medium risk

Vulners AI Score4.6

CVSS34.3

EPSS0.00065