3 matches found
CVE-2023-35096
The CVE-2023-35096 CSRF flaw affects the WordPress myCred plugin ≤ 2.5. It allows CSRF actions to be performed on behalf of authenticated users; exploitation would require user interaction. The issue is mitigated by upgrading to 2.5.1 or later (fix implemented). If upgrading is not possible, cons...
CVE-2023-35096 WordPress myCred Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in myCred plugin = 2.5 versions...
WordPress myCred Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Software myCred Type Plugin Vulnerable versions = 2.5 Fixed in 2.5.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35096 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 50793719ef32 Credits István Márton Required privile...