CVSS 3.1 Score 4.3 of 10 (medium)


Published Nov 30, 2023
Updated: Dec 5, 2023
CWE ID 352


CVE-2023-48284 is a Cross-Site Request Forgery (CSRF) vulnerability found in the WebToffee Decorator - WooCommerce Email Customizer plugin, affecting versions up to 1.2.7. This vulnerability allows for Cross Site Request Forgery attacks. The affected products include trfa-0, trfa-1, trfa-2, trfa-3, trfa-4, trfa-5, trfa-6, trfa-7, trfa-w, trfa-x, trfa-y, and trfa-z. The base severity of this vulnerability is rated as MEDIUM with a CVSS score of 4.3. The danger it poses to an organization is low integrity impact and no confidentiality impact but requires user interaction over a network connection. No remediation steps or details on the potential danger were provided in the information provided.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-48284 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options