cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-6196,https://securityvulnerability.io/vulnerability/CVE-2023-6196,Cross-Site Request Forgery in Audio Merchant Plugin for WordPress,"The Audio Merchant plugin for WordPress suffers from a Cross-Site Request Forgery vulnerability, present in all versions up to and including 5.0.4. This issue arises from inadequate nonce validation within the function responsible for adding audio files. By exploiting this vulnerability, unauthenticated attackers could potentially upload arbitrary files, provided they can deceive a site administrator into executing a crafted request, such as clicking a malicious link.",Wordpress,Audio Merchant,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,false,false,2023-11-20T15:15:00.000Z,0
CVE-2023-6197,https://securityvulnerability.io/vulnerability/CVE-2023-6197,Cross-Site Request Forgery Vulnerability in Audio Merchant Plugin for WordPress,"The Audio Merchant plugin for WordPress, present in all versions up to 5.0.4, has a vulnerability that allows unauthenticated attackers to exploit missing or incorrect nonce validation in the audio_merchant_save_settings function. By sending a forged request, an attacker can manipulate plugin settings and potentially insert malicious scripts. This exploitation requires the attacker to deceive a site administrator into executing a specific action, such as clicking a malicious link, which could compromise the security of the WordPress site.",Wordpress,Audio Merchant,5.4,MEDIUM,0.0005099999834783375,false,,false,false,false,,false,false,2023-11-20T15:15:00.000Z,0