WordPress WP Knowledgebase Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-5802
4.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 26 October 2023
What is CVE-2023-5802?
The WP Knowledgebase plugin by Mihai Iova suffers from a Cross-Site Request Forgery (CSRF) vulnerability, which allows attackers to perform actions on behalf of authenticated users. This exploit can lead to unauthorized changes or actions being executed on the site, potentially compromising user accounts and sensitive data. Users of the plugin version 1.3.4 and earlier are particularly at risk, making it crucial for website administrators to apply security updates and adopt best practices to mitigate the risk of such vulnerabilities.
Affected Version(s)
WordPress Knowledge base & Documentation Plugin – WP Knowledgebase <= 1.3.4