CVSS 3.1 Score 4.3 of 10 (medium)


Published Nov 13, 2023
Updated: Nov 16, 2023
CWE ID 352


CVE-2023-46638 is a Cross-Site Request Forgery (CSRF) vulnerability found in the Webcodin WCP OpenWeather plugin versions <= 2.5.0. This vulnerability affects the 'tQWL8_' product. To remediate the issue, users are advised to update their plugin to a version that is not affected by the vulnerability. The potential danger this vulnerability poses to an organization is considered medium, with a base score of 4.3 out of 10. It requires user interaction and can result in low integrity impact, but does not have any confidentiality or availability impact.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-46638 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options