Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin = 3.4.1 versions...

CVE-2023-40202

CVE-2023-40202 concerns the WP HTML Mail plugin (WordPress) up to version 3.4.1. Technical sources indicate an unauthenticated CSRF flaw that allows an attacker to trigger actions such as test email sending without valid authorization, enabling cross-site request forgery against admins. The vulne...