3 matches found
CVE-2023-4780
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-0590. Reason: This candidate is a duplicate of CVE-2024-0590. Notes: All CVE users should reference CVE-2024-0590 instead of this candidate. All references and descriptions in this candidate have been removed to preven...
WordPress Microsoft Clarity Plugin <= 0.9.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software Microsoft Clarity Type Plugin Vulnerable versions = 0.9.3 Fixed in 0.9.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Request Forgery CSRF CVE CVE-2024-0590 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID ed349755a080 Credits kodaichodai...
CVE-2023-4780
CVE-2023-4780 is a duplicate of CVE-2024-0590 and is not the active vulnerability entry; the connected record CVE-2024-0590 details a CSRF flaw in the Microsoft Clarity WordPress plugin up to version 0.9.3. The issue arises from missing nonce validation on edit_clarity_project_id(), allowing unau...