CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5006

The WP Discord Invite WordPress plugin before 2.5.1 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.0%

CVSS Severity

CVSS v3 Score 6.5

References

https://wpscan.com/vulnerability/d29bcc1c-241b-4867-a0c8-4ae5f9d1c8e8
https://wpscan.com/vulnerability/d29bcc1c-241b-4867-a0c8-4ae5f9d1c8e8

Products affected by CVE-2023-5006

Sarveshmrao » Wp Discord Invite » Version: 1.0.0

cpe:2.3:a:sarveshmrao:wp_discord_invite:1.0.0
Sarveshmrao » Wp Discord Invite » Version: 1.1.0

cpe:2.3:a:sarveshmrao:wp_discord_invite:1.1.0
Sarveshmrao » Wp Discord Invite » Version: 1.1.2

cpe:2.3:a:sarveshmrao:wp_discord_invite:1.1.2
Sarveshmrao » Wp Discord Invite » Version: 2.3.1

cpe:2.3:a:sarveshmrao:wp_discord_invite:2.3.1
Sarveshmrao » Wp Discord Invite » Version: 2.4.0

cpe:2.3:a:sarveshmrao:wp_discord_invite:2.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5006

Products

Pricing

Contact Us