CVE-2023-35041

Name of the Vulnerable Software and Affected Versions Webpushr Web Push Notifications plugin versions <= 4.34.0

Description The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that can lead to Local File Inclusion (LFI). This means an attacker could potentially trick a user into performing unintended actions on the web application, which in turn could allow the inclusion of local files, potentially revealing sensitive information.

Recommendations For Webpushr Web Push Notifications plugin versions <= 4.34.0, update to a version higher than 4.34.0 to resolve the issue.