Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.8 views

CVE-2023-2896

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

4.3CVSS6.3AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2023/06/09 6:48 a.m.58 views

CVE-2023-2896

CVE-2023-2896 affects the WP EasyCart WordPress plugin up to version 5.4.8. Root cause: missing or incorrect nonce validation in the process_duplicate_product function, enabling CSRF where unauthenticated attackers can induce a site admin to duplicate products via forged requests. Impact per sour...

4.3CVSS4.4AI score0.00241EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/09 6:48 a.m.14 views

CVE-2023-2896 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_duplicate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

4.3CVSS6.6AI score0.00241EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/09 6:48 a.m.24 views

CVE-2023-2896 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_duplicate_product

The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processduplicateproduct function. This makes it possible for unauthenticated attackers to duplicate products via a...

4.3CVSS4.5AI score0.00241EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/05/29 12:0 a.m.16 views

WordPress WP EasyCart Plugin <= 5.4.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP EasyCart Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-2896 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 38d3a2d175fc Credits Alex Thomas Required...

4.3CVSS7AI score0.00241EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder