CVE-2023-23897
MEDIUM EXPLOITED NUCLEIOzette Plugins Simple Mobile URL Redirect <1.7.2 - CSRF
Title source: llmExploitation Summary
CVE-2023-23897 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin <= 1.7.2 versions.
Nuclei Templates (1)
Ozette Plugins - Cross-Site Request Forgery
MEDIUMVERIFIEDby popcorn94
Shodan:
html:"simple-mobile-url-redirect"
References (1)
Core 1
Core References
Scores
CVSS v3
4.3
EPSS
0.0167
EPSS Percentile
73.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2024-10-30
CWE
CWE-352
Status
published
Products (2)
ozette/simple_mobile_url_redirect
< 1.7.2
Ozette Plugins/Simple Mobile URL Redirect
< 1.7.2
Published
Jul 10, 2023
Tracked Since
Feb 18, 2026