CVE-2023-32092: WordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF)
First published: Thu Nov 09 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin <= 6.0.9.0 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Peepso Peepso | <6.1.0.0 |
Remedy
Update to 6.1.0.0 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-32092?
CVE-2023-32092 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Community by PeepSo Plugin version <= 6.0.9.0, which allows an attacker to perform unauthorized actions on behalf of a user.
How severe is CVE-2023-32092?
CVE-2023-32092 has a severity rating of 8.8 (High).
How does CVE-2023-32092 affect PeepSo Community by PeepSo Plugin?
CVE-2023-32092 affects PeepSo Community by PeepSo Plugin versions <= 6.0.9.0, allowing for Cross-Site Request Forgery attacks.
What is Cross-Site Request Forgery (CSRF)?
Cross-Site Request Forgery (CSRF) is a type of attack where an attacker tricks a victim into performing unauthorized actions on a website or web application.
Is there a patch or fix available for CVE-2023-32092?
Yes, a patch is available for CVE-2023-32092. It is recommended to update to a version higher than 6.0.9.0 to fix the vulnerability.
- collector/nvd-api
- agent/title
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/peepso
- canonical/peepso peepso