CVE-2023-48754 WordPress Delete Post Revisions In WordPress Plugin <= 4.6 is vulnerable to Cross Site Request Forgery (CSRF)

🗓️ 30 Nov 2023 16:02:53Reported by PatchstackType

WordPress Plugin Vulnerable to CSR

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-48754	21 Dec 202309:41	–	circl
CNNVD	WordPress Plugin Delete Post Revisions In WordPress Cross-Site Request Forgery Vulnerability	30 Nov 202300:00	–	cnnvd
CVE	CVE-2023-48754	30 Nov 202316:02	–	cve
EUVD	EUVD-2023-52787	3 Oct 202520:07	–	euvd
NVD	CVE-2023-48754	30 Nov 202316:15	–	nvd
OSV	CVE-2023-48754	30 Nov 202316:15	–	osv
Patchstack	WordPress Delete Post Revisions In WordPress Plugin <= 4.6 is vulnerable to Cross Site Request Forgery (CSRF)	27 Nov 202300:00	–	patchstack
Prion	Cross site request forgery (csrf)	30 Nov 202316:15	–	prion
RedhatCVE	CVE-2023-48754	23 May 202504:42	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (November 27, 2023 to December 3, 2023)	7 Dec 202314:11	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "delete-post-revisions-on-single-click",
    "product": "Delete Post Revisions In WordPress",
    "vendor": "Wap Nepal",
    "versions": [
      {
        "lessThanOrEqual": "4.6",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/delete-post-revisions-on-single-click/wordpress-delete-post-revisions-in-wordpress-plugin-4-6-cross-site-request-forgery-csrf-vulnerability

28 Apr 2026 16:08Current

8.9High risk

Vulners AI Score8.9

CVSS 3.15.4

EPSS0.00123

CWE-352