The Caldera Forms Google Sheets Connector WordPress plugin before 1.3 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack
History

Wed, 30 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-07-17T13:29:57.798Z

Updated: 2024-10-30T14:03:25.495Z

Reserved: 2023-04-27T09:19:05.911Z

Link: CVE-2023-2330

cve-icon Vulnrichment

Updated: 2024-08-02T06:19:14.981Z

cve-icon NVD

Status : Modified

Published: 2023-07-17T14:15:09.910

Modified: 2024-11-21T07:58:24.040

Link: CVE-2023-2330

cve-icon Redhat

No data.