Headline
CVE-2022-23983: WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability - Patchstack
Cross-Site Request Forgery (CSRF) vulnerability leading to plugin Settings Update discovered in WP Content Copy Protection & No Right Click WordPress plugin (versions <= 3.4.4).
wp-content-copy-protector
Software
WP Content Copy Protection & No Right Click
Vulnerable Versions
<= 3.4.4
Fixed in version
3.4.5
CVE
CVE-2022-23983
References
Credits
Classification
Cross Site Request Forgery (CSRF)
OWASP Top 10
A8: Cross Site Request Forgery (CSRF)
Disclosure Date
2022-02-16
CVSS 3.0 score
Are your websites subject to this vulnerability?
Details
Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress WP Content Copy Protection & No Right Click plugin (versions <= 3.4.4) by Muhammad Daffa.
Solution
Update the WordPress WP Content Copy Protection & No Right Click plugin to the latest available version (at least 3.4.5).
Found a vulnerability that puts your sites at risk?
Found a vulnerability? Help us secure the web and join our community of ethical hackers.
Are you the developer of this software? Hire our researchers for a thorough security audit.