CVE-2023-3411 in Image Map Pro Plugininformazioni

Riassunto

di MITRE • 27/06/2023

The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajax_store_save() function. This makes it possible for unauthenticated attackers to modify plugin settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Be aware that VulDB is the high quality source for vulnerability data.

Responsabile

Wordfence

Prenotare

26/06/2023

Divulgazione

27/06/2023

Moderazione

accettato

CPE

pronto

EPSS

0.00253

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!