1 results (0.007 seconds)
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-4824 – WooHoo Newspaper Magazine Theme <= 2.5.3 - Settings Update via CSRF
https://notcve.org/view.php?id=CVE-2023-4824
27 Oct 2023 — The WooHoo Newspaper Magazine theme does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack El tema WooHoo Newspaper Magazine no tiene activada la verificación CSRF al actualizar su configuración, lo que podría permitir a los atacantes hacer que un administrador que haya iniciado sesión los cambie mediante un ataque CSRF. The WooHoo Newspaper Magazine Theme theme for WordPress is vulnerable to Cross-Site Request Forger... • https://wpscan.com/vulnerability/71c616ff-0a7e-4f6d-950b-79c469a28263 • CWE-352: Cross-Site Request Forgery (CSRF) •