CVE-2023-47667: WordPress WP Full Stripe Free plugin <= 7.0.16 - Cross Site Request Forgery (CSRF) vulnerability on every Setting Save
First published: Sat Nov 18 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in Mammothology WP Full Stripe Free.This issue affects WP Full Stripe Free: from n/a through 7.0.16.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Payments Plugin WP Full Stripe Free | <=1.6.1 |
Remedy
Update to 7.0.18 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-47667.
What is the severity of the CVE-2023-47667 vulnerability?
The severity of the CVE-2023-47667 vulnerability is high with a CVSS score of 8.8.
Which software version is affected by the CVE-2023-47667 vulnerability?
The CVE-2023-47667 vulnerability affects WP Full Stripe Free versions up to and including 1.6.1.
What is the description of the CVE-2023-47667 vulnerability?
The CVE-2023-47667 vulnerability is a Cross-Site Request Forgery (CSRF) vulnerability in the WP Full Stripe Free plugin.
How can I fix the CVE-2023-47667 vulnerability?
To fix the CVE-2023-47667 vulnerability, update WP Full Stripe Free plugin to a version higher than 1.6.1.
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/author
- agent/references
- agent/title
- agent/weakness
- agent/remedy
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/paymentsplugin
- canonical/payments plugin wp full stripe free
- version/payments plugin wp full stripe free/1.6.1