PT-2023-12458 · WordPress · Process Steps Template Designer
Jerome Bruandet
·
Published
2023-06-07
·
Updated
2023-06-13
·
CVE-2021-4349
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Process Steps Template Designer plugin for WordPress versions up to, and including, 1.2.1
Description
The issue allows unauthenticated attackers to conduct unspecified attacks via forged requests, provided they can trick a site administrator into performing an action such as clicking on a link. This is made possible by a Cross-Site Request Forgery weakness.
Recommendations
For versions up to, and including, 1.2.1, update to a version higher than 1.2.1 to resolve the issue.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Process Steps Template Designer