CVE-2023-0766 (newsletter_popup) | allinfosecnews.com

May 30, 2023, 8:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

The Newsletter Popup WordPress plugin through 1.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks as the wp_newsletter_show_localrecord page is not protected with a nonce.

actions attackers attacks csrf cve newsletter nonce places plugin popup wordpress wordpress plugin

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com

Privacy Engineer, Implementation Review

@ Meta | Menlo Park, CA | Seattle, WA

View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore

View on infosec-jobs.com

SOC Analyst

@ Rubrik | Palo Alto

View on infosec-jobs.com

Consultant Tech Advisory H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com