WordPress Awesome Support Plugin <= 6.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-48323
8.8HIGH
Key Information:
- Vendor
- Wordpress
- Vendor
- CVE Published:
- 30 November 2023
Summary
A Cross-Site Request Forgery (CSRF) vulnerability exists in the Awesome Support – WordPress HelpDesk & Support Plugin. This weakness allows attackers to manipulate users into executing unwanted actions on a web application where they are authenticated. The vulnerability impacts versions from n/a up to 6.1.4, making it critical for users to update their plugin to secure their WordPress installations against potential exploits.
Affected Version(s)
Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.4
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
thiennv (Patchstack Alliance)