CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47757 – WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-47757
13 Nov 2023 — Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in AWeber AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth allows Accessing Functionality Not Properly Constrained by ACLs, Cross-Site Request Forgery.This issue affects AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth: from n/a through 7.3.9. Autorización faltante, vulnerabilidad de Cross-Site Request Forgery (CSRF) en AWe... • https://patchstack.com/database/vulnerability/aweber-web-form-widget/wordpress-aweber-plugin-7-3-9-broken-access-control-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •