WordPress tagDiv Composer Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-39166
7.1HIGH
What is CVE-2023-39166?
A Cross-Site Request Forgery (CSRF) vulnerability exists in the tagDiv Composer plugin, which can lead to Cross-Site Scripting (XSS) vulnerabilities. This issue particularly impacts versions before 4.4, enabling potential attackers to execute malicious scripts by tricking users into performing unintended actions within the web application context.
Affected Version(s)
tagDiv Composer < 4.4