3 matches found
CVE-2023-33931
Cross-Site Request Forgery CSRF vulnerability in Ciprian Popescu YouTube Playlist Player plugin = 4.6.4 versions...
CVE-2023-33931
CVE-2023-33931: Cross-Site Request Forgery in the YouTube Playlist Player WordPress plugin (≤ 4.6.4). Root cause: CSRF in the plugin enables unauthorized actions; impact variants described in public sources. Affected: YouTube Playlist Player plugin for WordPress. Remediation: update to 4.6.5 or l...
WordPress YouTube Playlist Player Plugin <= 4.6.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software YouTube Playlist Player Type Plugin Vulnerable versions = 4.6.4 Fixed in 4.6.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-33931 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07d0f46aa846 Credits Skalucy...