CVE-2023-41244

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 3, 2023

Updated: Oct 7, 2023

CWE ID 352

Summary

CVE-2023-41244 is a Cross-Site Request Forgery (CSRF) vulnerability affecting versions 1.0.9 and below of the Buildfail Localize Remote Images plugin. An attacker can exploit this issue by tricking a user into performing an unintended action on a web application, such as transferring funds or modifying account settings, via a specially crafted link. Successful exploitation of this vulnerability could result in unauthorized actions being carried out on behalf of the user. It is recommended that users update their plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sdAc0o
https://www.cve.org/CVERecord?id=CVE-2023-41244
https://nvd.nist.gov/vuln/detail/CVE-2023-41244

Back to Vulnerability Database

CVE-2023-41244

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations