CVE-2023-6292
Ecwid Ecommerce Shopping Cart < 6.12.5 - Arbitrary Plugin Settings Change via CSRFThe Ecwid Ecommerce Shopping Cart WordPress plugin before 6.12.5 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
We have discovered 989 live websites that are affected by CVE-2023-6292.
Contact us to get more info
Common Weakness Enumeration
CWE-352 Cross-Site Request Forgery (CSRF)
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-6292 and the relative popularity of websites