CVE-2023-32091: WordPress POEditor Plugin <= 0.9.4 is vulnerable to Cross Site Request Forgery (CSRF)
First published: Tue Oct 03 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ht Editor | <=0.9.4 |
Remedy
Update to 0.9.5 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-32091.
What is the severity rating of CVE-2023-32091?
CVE-2023-32091 has a severity rating of 8.8 (High).
What is the vulnerable software in CVE-2023-32091?
The vulnerable software in CVE-2023-32091 is the POEditor plugin <= 0.9.4 version for WordPress.
What is the CWE ID of CVE-2023-32091?
The CWE ID of CVE-2023-32091 is CWE-352.
Is there a fix available for this vulnerability?
Yes, a fix is available for this vulnerability. It is recommended to update the POEditor plugin to a version higher than 0.9.4.
- agent/type
- agent/weakness
- agent/severity
- agent/references
- agent/title
- agent/remedy
- agent/event
- agent/first-publish-date
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- vendor/poeditor
- canonical/ht editor
- version/ht editor/0.9.4