2 matches found
CVE-2023-40201
CVE-2023-40201 describes a Cross-Site Request Forgery in FuturioWP Futurio Extra plugin (versions ≤ 1.8.4) that allows activation of an arbitrary plugin. The vulnerability exists in the Futurio Extra plugin for WordPress and is exploitable without authentication per Patchstack/Red Hat/NVD summari...
WordPress Futurio Extra Plugin <= 1.9.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Futurio Extra Type Plugin Vulnerable versions = 1.9.0 Fixed in 1.9.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40201 Patch priority Low CVSS severity Low 6.5 Developer FuturioWP PSID 9786201b3e26 Credits István Márton Required...