PT-2023-20700 · WordPress · Expresstech Quiz/Survey Master

Rio Darmawan

·

Publicado

2023-11-12

·

Atualizado

2023-11-17

·

CVE-2023-26524

CVSS v3.1

8.8

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress versions prior to 8.0.11
Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to.
Recommendations For versions prior to 8.0.11, update to version 8.0.11 or later to resolve the issue.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2023-26524

Produtos afetados

Expresstech Quiz/Survey Master