Security Advisory

CVE-2023-5934

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-15 20:09:02

Last updated 2025-05-16 18:31:46

Assigner WPScan

State PUBLISHED

Description

The Travelpayouts: All Travel Brands in One Place WordPress plugin before 1.1.13 does not have CSRF check in place when importing settings from the v1, which could allow attackers to make a logged in admin update some settings via a CSRF attack

← Browse all CVEs View on cve.org ↗