Lucene search
WpvulndbWPVDB-ID:190AB081-D097-42C4-A56B-5866C5BBE52CHistoryJan 12, 2024 - 12:00 a.m.
ARMember < 4.0.23 - Cross-Site Request Forgery
2024-01-1200:00:00
wpscan.com
6
wordpress
armember plugin
csrf
Description The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.22. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers to inject PHP objects via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 4.0.23 |
Related
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2024-01-08 20:15:00
cve
cve
CVE-2023-52200
2024-01-08 20:15:44
nvd
nvd
CVE-2023-52200
2024-01-08 20:15:44
wordfence
wordfence
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.1%
Related for WPVDB-ID:190AB081-D097-42C4-A56B-5866C5BBE52C