CVE-2023-4013

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 30, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-4013 is a vulnerability affecting the GDPR Cookie Compliance plugin for WordPress. The issue lies in the plugin's lack of Cross-Site Request Forgery (CSRF) protection during license management. An attacker can exploit this weakness by deceiving a logged-in administrator into updating or deactivating the plugin's license through a malicious request, potentially leading to unauthorized plugin modifications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sRa8go
https://www.cve.org/CVERecord?id=CVE-2023-4013
https://nvd.nist.gov/vuln/detail/CVE-2023-4013

Back to Vulnerability Database