Lucene search
WpvulndbWPVDB-ID:5273966E-9E0F-4687-8738-07FFA974571DHistoryMay 30, 2023 - 12:00 a.m.
Ultimate Member < 2.6.1 - Form Duplication via CSRF
2023-05-3000:00:00
wpscan.com
10
ultimate member
csrf
form duplication
0.001 Low
EPSS
Percentile
23.6%
The plugin does not have CSRF checks when duplicating a form, which could allow attackers to make logged in admins perform such actions via a CSRF attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ultimate-member | lt | 2.6.7 |
Related
cve
cve
CVE-2023-31216
2023-07-17 14:15:10
osv
osv
CVE-2023-31216
2023-07-17 14:15:10
prion
prion
Cross site request forgery (csrf)
2023-07-17 14:15:00
nvd
nvd
CVE-2023-31216
2023-07-17 14:15:10
cvelist
cvelist
openvas
openvas
WordPress Ultimate Member Plugin < 2.6.1 CSRF Vulnerability
2023-07-19 00:00:00