CVE-2023-23797 WordPress Auto YouTube Importer Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

🗓️ 22 May 2023 10:00:57Reported by PatchstackType

WordPress YouTube Plugin CSRF Vulnerability

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-23797	22 May 202314:25	–	circl
CNNVD	WordPress plugin Auto YouTube Importer 跨站请求伪造漏洞	22 May 202300:00	–	cnnvd
CVE	CVE-2023-23797	22 May 202310:00	–	cve
EUVD	EUVD-2023-27883	3 Oct 202520:07	–	euvd
NVD	CVE-2023-23797	22 May 202311:15	–	nvd
OSV	CVE-2023-23797	22 May 202311:15	–	osv
Patchstack	WordPress Auto YouTube Importer Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)	6 Feb 202300:00	–	patchstack
Prion	Cross site request forgery (csrf)	22 May 202311:15	–	prion
Positive Technologies	PT-2023-19212 · Secondlinethemes · Auto Youtube Importer	22 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-23797	23 May 202502:40	–	redhatcve

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "auto-youtube-importer",
    "product": "Auto YouTube Importer",
    "vendor": "SecondLineThemes",
    "versions": [
      {
        "changes": [
          {
            "at": "1.0.4",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.0.3",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/auto-youtube-importer/wordpress-auto-youtube-importer-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability

28 Apr 2026 16:08Current

9High risk

Vulners AI Score9

CVSS 3.15.4

EPSS0.00104

CWE-352