3 matches found
CVE-2023-27424 WordPress Inactive User Deleter Plugin <= 1.59 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Korol Yuriy aka Shra Inactive User Deleter plugin = 1.59 versions...
CVE-2023-27424
CVE-2023-27424 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Inactive User Deleter (Korol Yuriy aka Shra) reported for versions up to 1.59. The issue arises from CSRF in unauthenticated contexts; PatchStack notes the fix is in version 1.60. The vulnerability details...
WordPress Inactive User Deleter Plugin <= 1.59 is vulnerable to Cross Site Request Forgery (CSRF)
Software Inactive User Deleter Type Plugin Vulnerable versions = 1.59 Fixed in 1.60 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-27424 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d63c45f14395 Credits Mika Required...