CVE-2023-51402

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 29, 2023

Updated: Jan 5, 2024

CWE ID 352

Summary

CVE-2023-51402 refers to a Cross-Site Request Forgery (CSRF) vulnerability identified in Brain Storm Force's Ultimate Addons for WPBakery Page Builder. This issue allows malicious actors to manipulate user actions on affected websites by forging authentic-looking requests. The vulnerability affects versions of Ultimate Addons for WPBakery Page Builder from n/a through 3.19.17. Successful exploitation could result in unintended actions, such as unauthorized content modifications or data exfiltration. It is crucial for users to update their software to a patched version to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

Brainstorm Force

Advisories, Assessments, and Mitigations

Back to Vulnerability Database