CVE-2023-32579 MEDIUM

CVE-2023-32579: WordPress Forget About Shortcode Buttons Plugin <= 2.1.2 is vulnerable to Broken Access Control

Vendor Designs & Code
Product Forget About Shortcode Buttons
Weakness CWE-352 · CSRF
Published November 9, 2023
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in Designs & Code Forget About Shortcode Buttons plugin <= 2.1.2 versions.

Key dates

02Disclosure timeline

November 9, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2020-8976 ZGR TPS200 Cross-Site Request Forgery (CSRF) CVE-2026-4002 Petje.af <= 2.1.8 - Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX Action CVE-2025-39563 WordPress Conditional Payments for WooCommerce plugin <= 3.3.0 - Cross Site Request Forgery (CSRF) Vulnerability CVE-2024-54396 WordPress Bet sport Free plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-9948 Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update