What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions.
CVE-2023-34386
MEDIUM
CVE-2023-34386: WordPress WPC Smart Wishlist for WooCommerce Plugin <= 4.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
November 9, 2023
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2020-37144 Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)
CVE-2022-29427 WordPress Disable Right Click For WP plugin <= 1.1.6 - Cross-Site Request Forgery (CSRF) vulnerability
CVE-2022-33974 WordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2025-9625 Coil Web Monetization <= 2.0.2 - Cross-Site Request Forgery
CVE-2023-2508 CSRF in PaperCutNG Mobility Print leads to sophisticated phishing
