{"uuid": "d08b4457-82bb-47ae-a8ba-a8fb8405c643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3320", "type": "seen", "source": "https://t.me/arpsyndicate/1695", "content": "#ExploitObserverAlert\n\nCVE-2023-3320\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-3320. The WP Sticky Social  plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\nFIRST-EPSS: 0.007910000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-11T03:31:57.000000Z"}