2 matches found
CVE-2023-3198
creationtimestamp| type| source ---|---|--- 2023-06-14 07:30:54+00:00| seen| Telegram/NzECc2gllzD1VRtM9izlWgVFsPwT2Tb8JWA5aLaarrDSx4...
CVE-2023-3198
The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstoreupdatestatusordermessage function. This makes it possible for unauthenticated attackers to update status order message via a forged request granted they can trick a site...