CVE-2023-27448 MEDIUM

CVE-2023-27448: WordPress MakeStories (for Google Web Stories) Plugin <= 2.8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Vendor Makestories Team
Product MakeStories (for Google Web Stories)
Weakness CWE-352 · CSRF
Published October 6, 2023
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions.

Key dates

02Disclosure timeline

October 6, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-37478 WordPress Ashe theme <= 2.233 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-32104 WordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-5933 RD Contacto <= 1.4 - Cross-Site Request Forgery to Settings Update CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF CVE-2025-3099 Advanced Search by My Solr Server <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting