Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2.
References
Configurations
History
11 Jan 2024, 15:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://patchstack.com/database/vulnerability/custom-twitter-feeds/wordpress-custom-twitter-feeds-tweets-widget-plugin-2-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory | |
CPE | cpe:2.3:a:smashballoon:custom_twitter_feeds:*:*:*:*:*:wordpress:*:* | |
First Time |
Smashballoon
Smashballoon custom Twitter Feeds |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
05 Jan 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-05 09:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-52136
Mitre link : CVE-2023-52136
CVE.ORG link : CVE-2023-52136
JSON object : View
Products Affected
smashballoon
- custom_twitter_feeds
CWE
CWE-352
Cross-Site Request Forgery (CSRF)