CVE-2023-49838
Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
26 mar 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a through 1.7.7; Furnob theme: from n/a through 1.2.2; Bacola theme: from n/a through 1.3.3; Partdo theme: from n/a through 1.1.1; Medibazar theme: from n/a through 1.8.6; Machic theme: from n/a through 1.2.8.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
KlbTheme · Bacola themeKlbTheme · Clotya themeKlbTheme · Cosmetsy themeKlbTheme · Furnob themeKlbTheme · Machic themeKlbTheme · Medibazar themeKlbTheme · Partdo themeReferencias
https://patchstack.com/database/vulnerability/bacola/wordpress-bacola-theme-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/clotya/wordpress-clotya-theme-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/cosmetsy/wordpress-cosmetsy-theme-1-7-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/furnob/wordpress-furnob-theme-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/machic/wordpress-machic-theme-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/medibazar/wordpress-medibazar-theme-1-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cvehttps://patchstack.com/database/vulnerability/partdo/wordpress-partdo-theme-1-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve