WordPress Plugin Vulnerabilities

I Recommend This <= 3.8.3 - CSRF

Description

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

Affects Plugins

Plugin icon
i-recommend-this
No known fix

References

CVE
CVE-2023-28696

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
thiennv
Verified
No
WPVDB ID
9b49935e-e9b8-4038-b2d2-3dcac0dfaaa0

Timeline

Publicly Published
2023-03-22 (about 1 years ago)
Added
2023-05-16 (about 1 years ago)
Last Updated
2023-05-16 (about 1 years ago)

Other

Published
Title
Published
2023-05-22
Title
WP-Hijri < 1.5.2 - Reflected XSS
Published
2014-08-01
Title
A Forms 1.4.0 - a-forms.php a_form_tracking_page Function Multiple Parameter XSS
Published
2023-03-20
Title
WP Content Filter – Censor All Offensive Content From Your Site < 3.1.0 - Admin+ Stored Cross Site Scripting
Published
2019-09-10
Title
Checklist < 1.1.9 - Unauthenticated Reflected XSS
Published
2015-08-25
Title
Simple Fields <= 1.4.10 - Authenticated Reflected Cross-Site Scripting (XSS)