Lucene search

K
patchstackWordFencePATCHSTACK:E0FDCEF0793DB9EE37A7134D64F8DC75
HistoryFeb 27, 2023 - 12:00 a.m.

WordPress Coupon Zen Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

2023-02-2700:00:00
WordFence
patchstack.com
1
wordpress coupon zen plugin
cross site request forgery
plugin
vulnerable versions
fixed in
owasp top 10
broken access control
patch priority
low
cvss severity
developer
claim ownership
required privilege
unauthenticated
published

AI Score

7

Confidence

Low

Software

Coupon Zen

Type

Plugin

Vulnerable versions

<= 1.0.5

Fixed in

1.0.6

OWASP Top 10

A5: Broken Access Control

Classification

Cross Site Request Forgery (CSRF)

CVE

N/A

Patch priority

Low

CVSS severity

Low (4.3)

Developer

Claim ownership

PSID

6059f6769c37

Credits

WordFence

Required privilege

Unauthenticated

Published

27 February, 2023

Vulnerability details

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
hasthemescoupon_zenRange1.0.5wordpress
VendorProductVersionCPE
hasthemescoupon_zen*cpe:2.3:a:hasthemes:coupon_zen:*:*:*:*:*:wordpress:*:*

AI Score

7

Confidence

Low