Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.12 views

CVE-2023-2893

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

4.3CVSS6.3AI score0.00241EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/09 6:48 a.m.19 views

CVE-2023-2893

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

4.3CVSS6.5AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/09 6:48 a.m.37 views

CVE-2023-2893 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_deactivate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...

4.3CVSS4.5AI score0.00241EPSS
Exploits0References2
CVE
CVE
added 2023/06/09 6:48 a.m.53 views

CVE-2023-2893

CVE-2023-2893 affects the WP EasyCart WordPress plugin up to version 5.4.8. Root cause: missing or incorrect nonce validation in the process_deactivate_product function enables CSRF, allowing unauthenticated attackers to deactivate products via forged admin actions. Impact: potential unauthorized...

4.3CVSS4.4AI score0.00241EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder