CVE-2023-4209

The POEditor WordPress plugin before 0.9.8 does not have CSRF checks in various places, which could allow attackers to make logged in admins perform unwanted actions, such as reset the plugin's settings and update its API key via CSRF attacks.
Configurations

Configuration 1 (hide)

cpe:2.3:a:poeditor:poeditor:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 08:34

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-30 15:15

Updated : 2024-11-21 08:34


NVD link : CVE-2023-4209

Mitre link : CVE-2023-4209

CVE.ORG link : CVE-2023-4209


JSON object : View

Products Affected

poeditor

  • poeditor
CWE

No CWE.