2 matches found
CVE-2023-3199
CVE-2023-3199 affects the MStore API WordPress plugin. The vulnerability is a CSRF due to missing nonce validation in mstore_update_status_order_title, enabling unauthenticated attackers to forge requests to update status order titles if a site admin is tricked into actions. Publicly documented d...
WordPress MStore API Plugin <= 3.9.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software MStore API Type Plugin Vulnerable versions = 3.9.6 Fixed in 3.9.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-3199 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 52100659480e Credits Truoc Phan Required...