CVE-2023-44473

WordPress Table of Contents Plus Plugin <= 2302 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions.

We have discovered 8 live websites that are affected by CVE-2023-44473.

Affected Software


Product	Table of Contents Plus
Category	Widgets
Vulnerable Versions	from 0 through 2302
Total Vulnerable Versions	6
Vulnerable Domains	8 live websites (100.00% of Table of Contents Plus install base)

Common Weakness Enumeration

CWE-352 Cross-Site Request Forgery (CSRF)

Available Reports

Website List

Details

Published - Oct 9, 2023
Updated - Oct 9, 2023

Credits

Muhammad Daffa (Patchstack Alliance) (finder)

CWE

CWE-352

CVE References

CWE References

cwe.mitre.org

Countries

United States	3 websites
Japan	2 websites

TLDs

.com	6 websites
.net	2 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

References

https://patchstack.com/database/vulnerability/table-of-contents-plus/wordpress-table-of-contents-plus-plugin-2302-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Websites affected by CVE-2023-44473

Top websites that are affected by CVE-2023-44473. Please click on the "Contact us" link to get more information.

Domain	Country	Rank
*.******.com		*,*
*************.com	United States	*,*
*****.com	Japan	,,*
**********.com	Japan	,,*
*.************.com	United States	,,*
.***********.com	United States	,,*
**************.net		,,*
*.************.net		,,*

See full domain list