The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
References
Link | Resource |
---|---|
https://magos-securitas.com/txt/CVE-2023-7074.txt | Exploit |
https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Jan 2024, 16:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-29 15:15
Updated : 2024-02-03 00:27
NVD link : CVE-2023-7074
Mitre link : CVE-2023-7074
CVE.ORG link : CVE-2023-7074
JSON object : View
Products Affected
giovambattistafazioli
- wp_social_bookmark_menu
CWE
CWE-352
Cross-Site Request Forgery (CSRF)