2 matches found
CVE-2023-0385
The CVE-2023-0385 entry concerns the WordPress Custom 404 Pro plugin, vulnerable through CSRF due to missing/incorrect nonce validation in the custom_404_pro_admin_init function. Affected software: Custom 404 Pro plugin for WordPress, versions up to and including 3.7.1. Impact: unauthenticated at...
WordPress Custom 404 Pro Plugin <= 3.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Custom 404 Pro Type Plugin Vulnerable versions = 3.7.1 Fixed in 3.7.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0385 Patch priority Low CVSS severity Low 5.4 Developer Kunal Nagar PSID a124f27371a3 Credits Marco Wotschka Required...