CVE-2023-49853

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 18, 2023

Updated: Feb 29, 2024

CWE ID 352

Summary

CVE-2023-49853 is a Cross-Site Request Forgery (CSRF) vulnerability that affects the PayTR Taksit Tablosu – WooCommerce plugin. This issue, which has impacted versions from n/a through 1.3.1, allows unauthenticated attackers to manipulate users' sessions and perform unintended actions on their behalf. The vulnerability could potentially result in financial losses, data theft, or other unwanted consequences. Users of the affected plugin are advised to update to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/toVrDG
https://www.cve.org/CVERecord?id=CVE-2023-49853
https://nvd.nist.gov/vuln/detail/CVE-2023-49853

Back to Vulnerability Database

CVE-2023-49853

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations