CVE-2023-41684
MEDIUMFelix Welberg SIS Handball <= 1.0.45 - Cross-Site Request Forgery
Title source: llmDescription
Cross-Site Request Forgery (CSRF) vulnerability in Felix Welberg SIS Handball plugin <= 1.0.45 versions.
References (1)
Core 1
Core References
Issue Tracking, Third Party Advisory vdb-entry
https://patchstack.com/database/vulnerability/sis-handball/wordpress-sis-handball-plugin-1-0-45-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Scores
CVSS v3
4.3
EPSS
0.0020
EPSS Percentile
10.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-352
Status
published
Products (2)
Felix Welberg/SIS Handball
< 1.0.45
felixwelberg/sis_handball
< 1.0.45
Published
Oct 10, 2023
Tracked Since
Feb 18, 2026