The WP Blogs' Planetarium WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-01-08T19:03:04.615Z

Updated: 2024-08-02T08:35:14.666Z

Reserved: 2023-12-05T18:12:50.142Z

Link: CVE-2023-6532

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-08T19:15:10.363

Modified: 2024-11-21T08:44:02.720

Link: CVE-2023-6532

cve-icon Redhat

No data.