Lucene search
+L

4 matches found

NVD
NVD
added 2024/01/17 3:15 p.m.13 views

CVE-2023-5006

The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request...

6.5CVSS6.5AI score0.00327EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/01/17 2:31 p.m.17 views

CVE-2023-5006 WP Discord Invite < 2.5.1 - Arbitrary Settings Update via CSRF

The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request...

6.7AI score0.00327EPSS
Exploits2References1
CVE
CVE
added 2024/01/17 2:31 p.m.57 views

CVE-2023-5006

CVE-2023-5006 (WP Discord Invite) : The WordPress plugin WP Discord Invite is vulnerable to a CSRF flaw in versions before 2.5.1, enabling an unauthenticated attacker to cause actions on behalf of an authenticated admin by tricking them into submitting crafted requests. Public details confirm the...

6.5CVSS6.4AI score0.00327EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.8 views

WordPress WP Discord Invite Plugin < 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Discord Invite Type Plugin Vulnerable versions 2.5.1 Fixed in 2.5.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5006 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ddd467b1e925 Credits Enrico Marcolini...

6.5CVSS7AI score0.00327EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder