CVE-2023-48744 | Availability Calendar Plugin up to 1.2.6 on WordPress add_availability_calendar_create_admin_page cross-site request forgery

Inserito da Angelo Barbosa | Nov 27, 2023 | CVE

A vulnerability, which was classified as problematic, was found in Availability Calendar Plugin up to 1.2.6 on WordPress. Affected is the function add_availability_calendar_create_admin_page. The manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2023-48744. It is possible to launch the attack remotely. There is no exploit available.

CVE-2023-48744 | Availability Calendar Plugin up to 1.2.6 on WordPress add_availability_calendar_create_admin_page cross-site request forgery

Post correlati

CVE-2024-33537 | Theme Horse WP Portfolio Plugin up to 2.4 on WordPress cross site scripting

CVE-2024-24724 | Gibbon up to 26.0.00 Template messengerSettings.php injection

CVE-2024-46984 | gematik app-referencevalidator up to 2.5.0 xml external entity reference (GHSA-68j8-fp38-p48q)

CVE-2024-6695 | User Profile Builder Plugin up to 3.11.8 on WordPress User Registration improper authentication