Lucene search
K

5 matches found

NVD
NVD
added 2023/06/27 2:15 p.m.60 views

CVE-2023-2326

The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF...

6.5CVSS6.5AI score0.00307EPSS
Exploits1References1
OSV
OSV
added 2023/06/27 2:15 p.m.13 views

CVE-2023-2326

The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF...

6.5CVSS7.5AI score0.00307EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/06/27 1:17 p.m.16 views

CVE-2023-2326 Gravity Forms Google Sheet Connector < 1.3.5 - Access Code Update via CSRF

The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF...

7AI score0.00307EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/06/27 1:17 p.m.56 views

CVE-2023-2326 Gravity Forms Google Sheet Connector < 1.3.5 - Access Code Update via CSRF

The Gravity Forms Google Sheet Connector WordPress plugin before 1.3.5, gsheetconnector-gravityforms-pro WordPress plugin through 1.3.5 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF...

6.7AI score0.00307EPSS
Exploits1References1
CVE
CVE
added 2023/06/27 1:17 p.m.40 views

CVE-2023-2326

The CVE-2023-2326 issue affects Gravity Forms Google Sheet Connector (and gsheetconnector-gravityforms-pro) WordPress plugins, where updating the Access Code lacked a CSRF check. This governance-level flaw could allow a logged-in administrator to change the Access Code to an arbitrary value via C...

6.5CVSS6.5AI score0.00307EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder