CVE-2023-23704: WordPress Comments Ratings Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)
First published: Tue Jul 11 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in Pixelgrade Comments Ratings plugin <= 1.1.6 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pixelgrade Comments Rating | <1.1.7 |
Remedy
Update to 1.1.7 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this CSRF vulnerability?
The vulnerability ID of this CSRF vulnerability is CVE-2023-23704.
What is the affected software of this CSRF vulnerability?
The affected software of this CSRF vulnerability is Pixelgrade Comments Ratings plugin <= 1.1.6 versions.
What is the severity of this CSRF vulnerability?
The severity of this CSRF vulnerability is high, with a severity value of 8.8.
How can I fix this CSRF vulnerability?
To fix this CSRF vulnerability, you should update the Pixelgrade Comments Ratings plugin to version 1.1.7 or higher.
Where can I find more information about this CSRF vulnerability?
You can find more information about this CSRF vulnerability at the following link: [Pixelgrade Comments Ratings plugin 1.1.6 CSRF vulnerability](https://patchstack.com/database/vulnerability/comments-ratings/wordpress-comments-ratings-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve).
- collector/nvd-latest
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/author
- agent/title
- agent/references
- agent/weakness
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/pixelgrade
- canonical/pixelgrade comments rating