4 matches found
CVE-2023-22691 WordPress Category Specific RSS feed Subscription Plugin <= v2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin = v2.1 versions...
CVE-2023-22691 WordPress Category Specific RSS feed Subscription Plugin <= v2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin = v2.1 versions...
CVE-2023-22691
CVE-2023-22691 affects the WordPress plugin Category Specific RSS feed Subscription (Tips and Tricks HQ) <= v2.1. A CSRF vulnerability exists in settings/credential-related actions due to missing CSRF checks, enabling unauthenticated attackers to induce actions on behalf of admins. Patch sourc...
WordPress Category Specific RSS feed Subscription Plugin <= v2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Category Specific RSS feed Subscription Type Plugin Vulnerable versions = v2.1 Fixed in v2.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-22691 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID aed3a951c25f Credi...