3 matches found
CVE-2023-52149 WordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Wow-Company Floating Button.This issue affects Floating Button: from n/a through 6.0...
CVE-2023-52149
CVE-2023-52149 is a CSRF in the Floating Button plugin (Wow-Company) affecting versions up to 6.0. Exploitation relies on CSRF via the plugin’s process_bulk_action, enabling unauthorized actions on affected sites. Patch/mitigation: upgrade to 6.0 or apply the vendor patch as indicated in the vuln...
WordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Floating Button Type Plugin Vulnerable versions = 6.0 Fixed in 6.0.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-52149 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 33e4d5b87e73 Credits Skalucy Required...