Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/11/17 8:52 a.m.20 views

CVE-2023-47757 WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control

Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects...

4.3CVSS8.9AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2023/11/17 8:52 a.m.90 views

CVE-2023-47757

CVE-2023-47757 affects the AWeber – Free Sign Up Form and Landing Page Builder WordPress plugin. The vulnerability is due to missing authorization and CSRF, enabling access to functionality not properly constrained by ACLs. Affected versions are listed as n/a through 7.3.9; exploitation could all...

8.8CVSS8.5AI score0.00238EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/17 8:52 a.m.18 views

CVE-2023-47757 WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control

Missing Authorization, Cross-Site Request Forgery CSRF vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects...

4.3CVSS7.2AI score0.00238EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/11/13 12:0 a.m.12 views

WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control

Software AWeber Type Plugin Vulnerable versions = 7.3.9 Fixed in 7.3.10 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47757 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID e7c43a48f73b Credits Abdi Pranata Required privilege...

8.8CVSS6.4AI score0.00238EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder