CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1623

The Custom Post Type UI WordPress plugin before 1.13.5 does not properly check for CSRF when sending the debug information to a user supplied email, which could allow attackers to make a logged in admin send such information to an arbitrary email address via a CSRF attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.4%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-1623

Webdevstudios » Custom Post Type Ui » Version: 1.11.0

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.11.0
Webdevstudios » Custom Post Type Ui » Version: 1.11.1

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.11.1
Webdevstudios » Custom Post Type Ui » Version: 1.11.2

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.11.2
Webdevstudios » Custom Post Type Ui » Version: 1.12.0

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.12.0
Webdevstudios » Custom Post Type Ui » Version: 1.12.1

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.12.1
Webdevstudios » Custom Post Type Ui » Version: 1.13.0

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.13.0
Webdevstudios » Custom Post Type Ui » Version: 1.13.1

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.13.1
Webdevstudios » Custom Post Type Ui » Version: 1.13.2

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.13.2
Webdevstudios » Custom Post Type Ui » Version: 1.13.3

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.13.3
Webdevstudios » Custom Post Type Ui » Version: 1.13.4

cpe:2.3:a:webdevstudios:custom_post_type_ui:1.13.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-1623

Products

Pricing

Contact Us