CVE-2023-47243 MEDIUM

CVE-2023-47243: WordPress MSHOP MY SITE Plugin <= 1.1.6 is vulnerable to Broken Access Control

Vendor Codemshop

Product 코드엠샵 마이사이트 – MSHOP MY SITE

Weakness CWE-352 · CSRF

Published November 18, 2023

Last update April 28, 2026

View on NVD All CVEs

CVSS base score

5.4/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6.

Key dates

02Disclosure timeline

November 18, 2023 CVE published

April 28, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-47243 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2024-13933 FoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Cross-Site Request Forgery in Multiple Functions CVE-2024-24837 Cross-Site Request Forgery (CSRF) vulnerability in FG PrestaShop, FG Drupal and FG Joomla WordPress plugins CVE-2026-27841 SenseLive X3050 Cross-Site request forgery CVE-2025-68604 WordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerability CVE-2026-32816 Admidio has Missing CSRF Validation on Role Delete, Activate, and Deactivate Actions

Identifiers

CVE CVE-2023-47243

CWE CWE-352

CVSS 5.4 / MEDIUM

Affected versions

Vendor Codemshop

Product 코드엠샵 마이사이트 – MSHOP MY SITE

Affected ≥ n/a and ≤ 1.1.6