CVE-2023-6946
Description
The Autotitle for WordPress plugin through 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
CWE
- (none)
Affected
- Unknown / Autotitle for WordPress — v=0 ≤1.0.3 [affected]
CVSS
- (none)
References
- https://wpscan.com/vulnerability/54a00416-c7e3-44f3-8dd2-ed9e748055e6/ exploit, vdb-entry, technical-description
- https://magos-securitas.com/txt/CVE-2023-6946
Source
cvelistV5-main/cves/2023/6xxx/CVE-2023-6946.json