Lucene search
+L

11 matches found

NVD
NVD
added 2024/03/26 9:15 a.m.10 views

CVE-2023-49838

Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

4.3CVSS4.6AI score0.00261EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/03/26 8:23 a.m.11 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

4.3CVSS7.2AI score0.00261EPSS
Exploits0References7
CVE
CVE
added 2024/03/26 8:23 a.m.71 views

CVE-2023-49838

CVE-2023-49838 : CSRF in KlbTheme themes (Clotya up to 1.1.6; Cosmetsy up to 1.7.7; Furnob up to 1.2.2; Bacola up to 1.3.3; Partdo up to 1.1.1; Medibazar up to 1.8.6; Machic up to 1.2.8). Root cause per description: missing CSRF checks in some locations, enabling unauthorized actions via forged r...

4.3CVSS8.5AI score0.00261EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/03/26 8:23 a.m.19 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

Cross-Site Request Forgery CSRF vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

4.3CVSS5AI score0.00261EPSS
Exploits0References7
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.14 views

WordPress Partdo Theme <= 1.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Partdo Type Theme Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5e38b5d511f8 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.10 views

WordPress Bacola Theme <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Bacola Type Theme Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 06a30b05b919 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.9 views

WordPress Machic Theme <= 1.2.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software Machic Type Theme Vulnerable versions = 1.2.8 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fcd8a1f899e4 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.9 views

WordPress Medibazar Theme <= 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Medibazar Type Theme Vulnerable versions = 1.8.6 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8821a5455da3 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.8 views

WordPress Cosmetsy Theme <= 1.7.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Cosmetsy Type Theme Vulnerable versions = 1.7.7 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a37af5000567 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.13 views

WordPress Clotya Theme <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Clotya Type Theme Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e7b0b3057668 Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/12/06 12:0 a.m.9 views

WordPress Furnob Theme <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Furnob Type Theme Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-49838 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 95b517a520fb Credits RE-ALTER Required privilege...

4.3CVSS4.4AI score0.00261EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder