WordPress Plugin Vulnerabilities

MyCurator Content Curation < 3.75 - Cross-Site Request Forgery

Description

Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions.

Affects Plugins

Plugin icon
mycurator
Fixed in 3.75

References

CVE
CVE-2023-32104

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Nguyen Xuan Chien
Verified
No
WPVDB ID
6e7b8484-de9b-4b9d-87c4-ec69b0afb77d

Timeline

Publicly Published
2023-07-11 (about 2 years ago)
Added
2023-07-11 (about 2 years ago)
Last Updated
2023-07-11 (about 2 years ago)

Other

Published
Title
Published
2014-08-01
Title
uk-cookie - Cross-Site Request Forgery (CSRF)
Published
2023-12-27
Title
WooCommerce PDF Invoice Builder < 1.2.102 - Cross-Site Request Forgery
Published
2025-05-19
Title
reCAPTCHA for all < 2.27 - Cross-Site Request Forgery
Published
2021-07-20
Title
Elementor Addon Elements < 1.11.8 - CSRF Bypass
Published
2021-11-15
Title
WP Admin Logo Changer <= 1.0 - Plugin's Settings Update via CSRF