The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
References
Link | Resource |
---|---|
https://magos-securitas.com/txt/CVE-2023-7074.txt | Exploit |
https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
03 Feb 2024, 00:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/ - Exploit, Third Party Advisory | |
References | () https://magos-securitas.com/txt/CVE-2023-7074.txt - Exploit | |
CPE | cpe:2.3:a:giovambattistafazioli:wp_social_bookmark_menu:*:*:*:*:*:wordpress:*:* | |
First Time |
Giovambattistafazioli
Giovambattistafazioli wp Social Bookmark Menu |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | CWE-352 |
29 Jan 2024, 16:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-29 15:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-7074
Mitre link : CVE-2023-7074
CVE.ORG link : CVE-2023-7074
JSON object : View
Products Affected
giovambattistafazioli
- wp_social_bookmark_menu
CWE
CWE-352
Cross-Site Request Forgery (CSRF)