CVE-2023-6390
EUVD-2023-5863029.01.2024, 15:15
The WordPress Users WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| jonathonkemp | wordpress_users | 𝑥 ≤ 1.4.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration