CVE-2023-2334

MEDIUM Year: 2023
CVSS v3 Score
5.4
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

The edd-google-sheet-connector-pro WordPress plugin before 1.4, Easy Digital Downloads Google Sheet Connector WordPress plugin before 1.6.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack

Related Vulnerabilities

CVE-2013-0375

MEDIUM
CVSS:5.4(Medium)

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vect...

NVD-CWE-Other2013

CVE-2016-0245

MEDIUM
CVSS:5.4(Medium)

The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external en...

NVD-CWE-Other2016

CVE-2016-0408

MEDIUM
CVSS:5.4(Medium)

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity v...

NVD-CWE-Other2016

CVE-2016-0468

MEDIUM
CVSS:5.4(Medium)

Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affec...

NVD-CWE-Other2016

CVE-2016-0673

MEDIUM
CVSS:5.4(Medium)

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF...

NVD-CWE-Other2016