Lucene search
PRIOn knowledge basePRION:CVE-2023-30616HistoryApr 20, 2023 - 6:15 p.m.
Cross site request forgery (csrf)
2023-04-2018:15:00
PRIOn knowledge base
www.prio-n.com
3
cross site request forgery
wordpress plugin
form creation
missing nonce check
upgrade
0.001 Low
EPSS
Percentile
29.5%
Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| form_block | lt | 1.0.2 |
Related
cve
cve
CVE-2023-30616
2023-04-20 18:15:07
osv
osv
CVE-2023-30616
2023-04-20 18:15:07
nvd
nvd
CVE-2023-30616
2023-04-20 18:15:07
wpvulndb
wpvulndb
Form Block < 1.0.2 - Form Submission via CSRF
2023-04-20 00:00:00
cvelist
cvelist