CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45276 – WordPress Automated Editor Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45276
06 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in automatededitor.Com Automated Editor plugin <= 1.3 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento automatededitor.Com Automated Editor en versiones <= 1.3. The Automated Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on multiple admin menu pages. This makes it possible for unauthenticated attackers to chang... • https://patchstack.com/database/vulnerability/automated-editor/wordpress-automated-editor-plugin-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •