ByteOS Network

CVE Vulnerability Details :

CVE-2023-7074

PUBLISHED

More Info Official Page

Assigner-WPScan

Assigner Org ID-1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81

Published At-29 Jan, 2024 | 14:44

Updated At-17 Jun, 2025 | 14:30

▼CVE Numbering Authority (CNA)

WP Social Bookmark Menu <= 1.2 - Settings Update via CSRF

The WP SOCIAL BOOKMARK MENU WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

Affected Products

Vendor

Unknown

Product

WP SOCIAL BOOKMARK MENU

Collection URL

https://wordpress.org/plugins

Default Status

affected

Versions

Affected

From 0 through 1.2 (semver)

Problem Types

Type	CWE ID	Description
CWE	CWE-352	CWE-352 Cross-Site Request Forgery (CSRF)

Type: CWE

CWE ID: CWE-352

Description: CWE-352 Cross-Site Request Forgery (CSRF)

Credits

finder

Daniel Ruf

coordinator

WPScan

References

Hyperlink	Resource
https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/	exploit vdb-entry technical-description
https://magos-securitas.com/txt/CVE-2023-7074.txt	N/A

Hyperlink: https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/

Resource:

exploit

vdb-entry

technical-description

Hyperlink: https://magos-securitas.com/txt/CVE-2023-7074.txt

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/	exploit vdb-entry technical-description x_transferred
https://magos-securitas.com/txt/CVE-2023-7074.txt	x_transferred

Hyperlink: https://wpscan.com/vulnerability/7906c349-97b0-4d82-aef0-97a1175ae88e/

Resource:

exploit

vdb-entry

technical-description

x_transferred

Hyperlink: https://magos-securitas.com/txt/CVE-2023-7074.txt

Resource:

x_transferred

2. CISA ADP Vulnrichment

Metrics

Version	Base score	Base severity	Vector
3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References