CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47556 – WordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-47556
07 Nov 2023 — Cross-Site Request Forgery (CSRF) vulnerability in James Mehorter Device Theme Switcher.This issue affects Device Theme Switcher: from n/a through 3.0.2. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en James Mehorter Device Theme Switcher. Este problema afecta a Device Theme Switcher: desde n/a hasta 3.0.2. The Plugin Name: Device Theme Switcher plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.0.2. This is due to missing or incorrect nonce validatio... • https://patchstack.com/database/vulnerability/device-theme-switcher/wordpress-plugin-name-device-theme-switcher-plugin-3-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •