CVE-2023-40607

Name of the Vulnerable Software and Affected Versions CLUEVO CLUEVO LMS, E-Learning Platform plugin versions <= 1.10.0

Description A Cross-Site Request Forgery (CSRF) issue affects the CLUEVO CLUEVO LMS, E-Learning Platform plugin. This issue allows an attacker to perform unintended actions on a user's account.

Recommendations For versions <= 1.10.0, update to a version greater than 1.10.0 to resolve the issue. As a temporary workaround, consider implementing additional CSRF protection measures, such as token-based validation, to minimize the risk of exploitation.