CVE-2023-3209

MStore API < 3.9.7 - Settings Update via CSRF

EPSS 0.2%

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.

Produtos afetados

Unknown · MStore API

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c