CVE-2023-6385

2024-04-1005:15:47

[email protected]

web.nvd.nist.gov

wordpress

ping optimizer

csrf

attackers

logged in users

AI Score

6.5

Confidence

High

EPSS

Percentile

9.0%

JSON

The WordPress Ping Optimizer WordPress plugin through 2.35.1.3.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks such as clearing logs.

References

wpscan.com/vulnerability/362c56ff-85eb-480f-a825-9670d4c0e3d0/