CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29428 – WordPress Superb Social Media Share Buttons and Follow Buttons Plugin <= 1.1.3 is vulnerable to Broken Access Control
https://notcve.org/view.php?id=CVE-2023-29428
06 Apr 2023 — Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress en versiones <= 1.1.3. The Superb Social Media Share Buttons and Follow Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the spbsmAjax funct... • https://patchstack.com/database/vulnerability/superb-social-share-and-follow-buttons/wordpress-superb-social-media-share-buttons-and-follow-buttons-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •