3 matches found
CVE-2023-5448
creationtimestamp| type| source ---|---|--- 2024-01-11 05:31:17+00:00| seen| https://t.me/ctinow/166310 2024-01-28 15:26:36+00:00| seen| https://t.me/ctinow/174967...
CVE-2023-5448
CVE-2023-5448 affects the WordPress plugin WP Register Profile With Shortcode. The issue is a Cross-Site Request Forgery due to missing/incorrect nonce validation in update_password_validate, enabling unauthenticated attackers to reset a user’s password through a forged request if a user is entic...
WordPress WP Register Profile With Shortcode Plugin <= 3.5.9 is vulnerable to Cross Site Request Forgery (CSRF)
Software WP Register Profile With Shortcode Type Plugin Vulnerable versions = 3.5.9 Fixed in 3.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5448 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 4d4b8ee6f41a Credits...