CVE-2023-34024 WordPress WP Full Auto Tags Manager Plugin <= 2.2 is vulnerable to Cross Site Request Forgery (CSRF)

2023-11-0920:32:09

CWE-352

Patchstack

www.cve.org

wordpress

auto tags manager

csrf

vulnerability

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.1%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-full-auto-tags-manager",
    "product": "WP Full Auto Tags Manager",
    "vendor": "Guillemant David",
    "versions": [
      {
        "lessThanOrEqual": "2.2",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/wp-full-auto-tags-manager/wordpress-wp-full-auto-tags-manager-plugin-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve