PT-2023-26240 · Chetan Gole · Wp-Copyprotect

Mika

Published

2023-10-04

Updated

2023-10-05

CVE-2023-37995

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Chetan Gole WP-CopyProtect plugin versions <= 3.1.0

Description A Cross-Site Request Forgery (CSRF) issue affects the Chetan Gole WP-CopyProtect plugin. This allows an attacker to perform unintended actions on a user's account.

Recommendations For Chetan Gole WP-CopyProtect plugin versions <= 3.1.0, update to a version higher than 3.1.0 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the plugin to minimize the risk of exploitation.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2023-37995

Affected Products

Wp-Copyprotect

PT-2023-26240 · Chetan Gole · Wp-Copyprotect

CVE-2023-37995

Weakness Enumeration

Related Identifiers

Affected Products

References · 5