CVE-2023-49838

MEDIUM

KlbTheme Clotya, Cosmetsy, Furnob, Bacola, Partdo, Medibazar, Machic themes - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-Site Request Forgery (CSRF) vulnerability in KlbTheme Clotya theme, KlbTheme Cosmetsy theme, KlbTheme Furnob theme, KlbTheme Bacola theme, KlbTheme Partdo theme, KlbTheme Medibazar theme, KlbTheme Machic theme.This issue affects Clotya theme: from n/a through 1.1.6; Cosmetsy theme: from n/a through 1.7.7; Furnob theme: from n/a through 1.2.2; Bacola theme: from n/a through 1.3.3; Partdo theme: from n/a through 1.1.1; Medibazar theme: from n/a through 1.8.6; Machic theme: from n/a through 1.2.8.

References (7)

Core 7
Core References

Scores

CVSS v3 4.3
EPSS 0.0026
EPSS Percentile 17.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (7)
KlbTheme/Bacola theme < 1.3.3
KlbTheme/Clotya theme < 1.1.6
KlbTheme/Cosmetsy theme < 1.7.7
KlbTheme/Furnob theme < 1.2.2
KlbTheme/Machic theme < 1.2.8
KlbTheme/Medibazar theme < 1.8.6
KlbTheme/Partdo theme < 1.1.1
Published Mar 26, 2024
Tracked Since Feb 18, 2026