CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46150 – WordPress WP Radio plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-46150
17 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in WP Military WP Radio plugin <= 3.1.9 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento WP Military WP Radio en versiones <= 3.1.9. The WP Radio – Worldwide Online Radio Stations Directory for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.9. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthentica... • https://patchstack.com/database/vulnerability/wp-radio/wordpress-wp-radio-worldwide-online-radio-stations-directory-for-wordpress-plugin-3-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •