CVE-2023-49838

Summary

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a through 1.7.7; Furnob theme: from n/a through 1.2.2; Bacola theme: from n/a through 1.3.3; Partdo theme: from n/a through 1.1.1; Medibazar theme: from n/a through 1.8.6; Machic theme: from n/a through 1.2.8.

Affected Software

VendorProductVersion RangeStatus
KlbThemeClotya themen/a <= 1.1.6affected
KlbThemeCosmetsy themen/a <= 1.7.7affected
KlbThemeFurnob themen/a <= 1.2.2affected
KlbThemeBacola themen/a <= 1.3.3affected
KlbThemePartdo themen/a <= 1.1.1affected
KlbThemeMedibazar themen/a <= 1.8.6affected
KlbThemeMachic themen/a <= 1.2.8affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References