Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9.
References
Configurations
History
25 Nov 2023, 02:14
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:aweber:aweber:*:*:*:*:*:wordpress:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-352 | |
First Time |
Aweber
Aweber aweber |
|
References | () https://patchstack.com/database/vulnerability/aweber-web-form-widget/wordpress-aweber-plugin-7-3-9-broken-access-control-vulnerability?_s_id=cve - Third Party Advisory |
17 Nov 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-17 09:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-47757
Mitre link : CVE-2023-47757
CVE.ORG link : CVE-2023-47757
JSON object : View
Products Affected
aweber
- aweber