Lucene search
WpvulndbWPVDB-ID:4EE1B6B1-980A-417B-B3FD-266D51F84FBAHistoryOct 11, 2023 - 12:00 a.m.
HTTP Auth < 1.0.0 - Settings Update via CSRF
2023-10-1100:00:00
wpscan.com
3
http auth
csrf attack
settings update
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Related
cve
cve
CVE-2023-27435
2023-10-03 14:15:10
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2023-10-03 14:15:00
osv
osv
CVE-2023-27435
2023-10-03 14:15:10
nvd
nvd
CVE-2023-27435
2023-10-03 14:15:10
wordfence
wordfence
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.1%
Related for WPVDB-ID:4EE1B6B1-980A-417B-B3FD-266D51F84FBA