CVE-2023-23712: CSRF
First published: Mon May 22 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| User-meta User Meta Manager | <=3.4.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this CSRF vulnerability?
The vulnerability ID is CVE-2023-23712.
What is the severity of CVE-2023-23712?
The severity is rated as high with a score of 8.8.
Which version of the User Meta Manager plugin is affected by this vulnerability?
The vulnerability affects User Meta Manager plugin versions up to 3.4.9.
What is the CWE category for this vulnerability?
The CWE category for this vulnerability is 352.
How can I fix the CSRF vulnerability in User Meta Manager plugin?
To fix the vulnerability, update the User Meta Manager plugin to a version higher than 3.4.9.
- collector/nvd-index
- agent/severity
- agent/author
- agent/type
- agent/weakness
- agent/references
- agent/description
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- vendor/user-meta
- canonical/user-meta user meta manager
- version/user-meta user meta manager/3.4.9