CVE-2023-49838

Published: Mar 26, 2024Modified: Jun 17, 2026Deferred

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: audit@patchstack.com (Secondary)

Description

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a through 1.7.7; Furnob theme: from n/a through 1.2.2; Bacola theme: from n/a through 1.3.3; Partdo theme: from n/a through 1.1.1; Medibazar theme: from n/a through 1.8.6; Machic theme: from n/a through 1.2.8.

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (14)

https://patchstack.com/database/vulnerability/bacola/wordpress-bacola-theme-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/clotya/wordpress-clotya-theme-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/cosmetsy/wordpress-cosmetsy-theme-1-7-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/furnob/wordpress-furnob-theme-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/machic/wordpress-machic-theme-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/medibazar/wordpress-medibazar-theme-1-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/partdo/wordpress-partdo-theme-1-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: audit@patchstack.com

https://patchstack.com/database/vulnerability/bacola/wordpress-bacola-theme-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/clotya/wordpress-clotya-theme-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/cosmetsy/wordpress-cosmetsy-theme-1-7-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/furnob/wordpress-furnob-theme-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/machic/wordpress-machic-theme-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/medibazar/wordpress-medibazar-theme-1-8-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

https://patchstack.com/database/vulnerability/partdo/wordpress-partdo-theme-1-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.