Lucene search
WpvulndbWPVDB-ID:4F419212-CDAA-4C59-A007-044CB8DB06E2HistoryNov 23, 2023 - 12:00 a.m.
Multi-column Tag Map < 17.0.27 - Cross-Site Request Forgery
2023-11-2300:00:00
wpscan.com
6
wordpress
cross-site request forgery
multi-column tag map
Description The Multi-column Tag Map plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the sc_mcTagMap_plugin_options() function in versions up to, and including, 17.0.26. This makes it possible for unauthenticated attackers to update the plugin’s setting, via a forged request granted they can trick the site’s administrator into performing an action such as clicking on a link.
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 17.0.27 |
Related
cve
cve
CVE-2023-41651
2024-05-08 09:15:07
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2023-41651
2024-05-08 09:15:07
wordfence
wordfence
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for WPVDB-ID:4F419212-CDAA-4C59-A007-044CB8DB06E2