PT-2023-28032 · WordPress · Wpsynchro Wp Synchro

Abdi Pranata

Published

2023-10-09

Updated

2023-10-11

CVE-2023-41660

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WPSynchro WP Synchro plugin versions <= 1.9.1

Description A Cross-Site Request Forgery (CSRF) issue affects the WPSynchro WP Synchro plugin. This allows an attacker to perform unintended actions on a user's account.

Recommendations For versions <= 1.9.1, update to a version higher than 1.9.1 to resolve the issue. At the moment, there is no information about other mitigation measures.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2023-41660

Affected Products

Wpsynchro Wp Synchro

PT-2023-28032 · WordPress · Wpsynchro Wp Synchro

CVE-2023-41660

Weakness Enumeration

Related Identifiers

Affected Products

References · 4