Lucene search
WpvulndbWPVDB-ID:DBEBD328-DB20-46F4-AA1F-0E7776860800HistoryOct 12, 2023 - 12:00 a.m.
Smarty for WordPress <= 3.1.35 - Settings Update via CSRF
2023-10-1200:00:00
wpscan.com
10
wordpress
csrf attack
adminζι
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Related
cve
cve
CVE-2023-37992
2023-10-03 10:15:10
nvd
nvd
CVE-2023-37992
2023-10-03 10:15:10
prion
prion
Cross site request forgery (csrf)
2023-10-03 10:15:00
cvelist
cvelist
wordfence
wordfence
AI Score
6.4
Confidence
High
EPSS
0.001
Percentile
24.0%
Related for WPVDB-ID:DBEBD328-DB20-46F4-AA1F-0E7776860800