CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

Cvelist•added 2023/11/22 3:33 p.m.•17 views

CVE-2023-5537 Delete Usermetas <= 1.1.2 - Cross-Site Request Forgery

The Delete Usermeta plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2. This is due to missing nonce validation on the delumetoptionspage function. This makes it possible for unauthenticated attackers to remove user meta for arbitrary users vi...

4.3CVSS4.7AI score0.00148EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by