CVE-2023-23973

MEDIUM4.3JSON export Create alert

Description

Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Affected products

a3rev Software / Contact Us Page – Contact Peoplen/a – 3.7.0

References

MISChttps://patchstack.com/database/vulnerability/contact-us-page-contact-people/wordpress-contact-us-page-contact-people-plugin-3-7-0-cross-site-request-forgery-csrf-leading-to-contact-creation-vulnerability?_s_id=cve