WordPress Plugin Vulnerabilities

WP Reroute Email < 1.4.8 - Cross-Site Request Forgery

Description

Cross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin <= 1.4.6 versions.

Affects Plugins

Plugin icon
wp-reroute-email
Fixed in 1.4.8

References

CVE
CVE-2023-27606

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Mika
Verified
No
WPVDB ID
ef0ea868-90f5-4f55-b7b4-31c46f6f3ffd

Timeline

Publicly Published
2023-07-17 (about 2 years ago)
Added
2023-07-17 (about 2 years ago)
Last Updated
2023-07-17 (about 2 years ago)

Other

Published
Title
Published
2023-07-17
Title
Premmerce < 1.3.17 - Cross-Site Request Forgery
Published
2023-10-13
Title
IRivYou <= 2.2.1 - Arbitrary Settings Update via CSRF
Published
2023-08-14
Title
Make Paths Relative <= 1.3.0 - Settings Update via CSRF
Published
2024-04-08
Title
Benchmark Email Lite < 4.2 - Cross-Site Request Forgery via page_settings()
Published
2025-04-04
Title
RDP Wiki Embed <= 1.2.20 - Cross-Site Request Forgery