CVE-2023-41244 – WordPress Localize Remote Images Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)

https://notcve.org/view.php?id=CVE-2023-41244

29 Aug 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize Remote Images plugin <= 1.0.9 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Buildfail Localize Remote Images en versiones <= 1.0.9. The Localize Remote Images plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the anonymous function used for the plugin's admin menu. This makes it possible for ... • https://patchstack.com/database/vulnerability/localize-remote-images/wordpress-localize-remote-images-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •