CVE-2023-49153

MEDIUM

Codeastrology Add TO Cart Text Changer And Customize Button, Add Custom Icon < 2.0 - CSRF

Title source: rule

Description

Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/woo-add-to-cart-text-change/wordpress-add-to-cart-text-changer-and-customize-button-add-custom-icon-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Scores

CVSS v3 4.3

EPSS 0.0029

EPSS Percentile 20.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-352

Status published

Products (2)

codeastrology/add_to_cart_text_changer_and_customize_button\,_add_custom_icon < 2.0

Saiful Islam/Add to Cart Text Changer and Customize Button, Add Custom Icon < 2.0

Published Dec 18, 2023

Tracked Since Feb 18, 2026