Lucene search

5 matches found

NVD
added 2024/03/26 9:15 a.m. | 7 views

CVE-2023-49838

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme. This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

CVSS 4.3 | AI score 4.6 | EPSS 0.00245
Exploits 0 | References 7
Vulnrichment
added 2024/03/26 8:23 a.m. | 11 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme. This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

CVSS 4.3 | AI score 7.2 | EPSS 0.00245
Exploits 0 | References 7
Cvelist
added 2024/03/26 8:23 a.m. | 13 views

CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme. This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a...

CVSS 4.3 | AI score 5 | EPSS 0.00245
Exploits 0 | References 7
CVE
added 2024/03/26 8:23 a.m. | 60 views

CVE-2023-49838

CVE-2023-49838: CSRF in KlbTheme themes (Clotya up to 1.1.6; Cosmetsy up to 1.7.7; Furnob up to 1.2.2; Bacola up to 1.3.3; Partdo up to 1.1.1; Medibazar up to 1.8.6; Machic up to 1.2.8). Root cause per description: missing CSRF checks in some locations, enabling unauthorized actions via forged r...

CVSS 4.3 | AI score 8.5 | EPSS 0.00245
Exploits 0 | References 7
Patchstack
added 2023/12/06 12:0 a.m. | 6 views

WordPress Machic Theme <= 1.2.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Machic; Type: Theme; Vulnerable versions: <= 1.2.8; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-49838; Patch priority: Low; CVSS severity: Low (4.3); PSID: fcd8a1f899e4; Credits: RE-ALTER; Required privilege...

CVSS 4.3 | AI score 4.4 | EPSS 0.00245
Exploits 0 | References 1 | Affected Software 1