CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46779 – WordPress EasyRecipe Plugin <= 3.5.3251 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-46779
26 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento EasyRecipe en versiones <= 3.5.3251. The EasyRecipe plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.3251. This is due to missing nonce validation on several functions such as the saveStyle() and updateCustomCSS() functions. This makes it possible for unauthenticated attackers to modify severa... • https://patchstack.com/database/vulnerability/easyrecipe/wordpress-easyrecipe-plugin-3-5-3251-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •