CVE-2023-46779
Description
Cross-Site Request Forgery (CSRF) vulnerability in EasyRecipe plugin <= 3.5.3251 versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-Site Request Forgery in EasyRecipe plugin allows attackers to force privileged users to perform unintended actions.
Cross-Site Request Forgery (CSRF) vulnerability exists in the EasyRecipe plugin for WordPress versions up to and including 3.5.3251. This flaw allows a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. [1]
Exploitation requires user interaction, such as clicking a malicious link, visiting a crafted page, or submitting a form. The attack can be initiated by an unauthenticated attacker, but successful exploitation depends on a privileged user performing the action. [1]
If exploited, an attacker can perform any action the victim is authorized to do within the plugin, potentially leading to unauthorized changes or data manipulation. [1]
As immediate action, update the affected plugin to the latest version. If unable to update, contact your hosting provider or web developer for assistance. [1]
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- cpe:2.3:a:easyrecipe_project:easyrecipe:*:*:*:*:*:wordpress:*:*Range: <=3.5.3251
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.