{"id":"CVE-2023-41654","details":"Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin \u003c= 2.5.8 versions.","modified":"2026-04-10T05:03:04.078897Z","published":"2023-10-06T15:15:14.050Z","references":[{"type":"ADVISORY","url":"https://patchstack.com/database/vulnerability/authldap/wordpress-authldap-plugin-2-5-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/heiglandreas/authldap","events":[{"introduced":"0"},{"last_affected":"0a0794b4e9101fa590cc65d5444c799eab3f52a8"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.5.8"}]}}],"versions":["1.3.1","1.4.0","1.4.1","1.4.14","1.4.15","1.4.16","1.4.17","1.4.19","1.4.2","1.4.20","1.4.21","1.4.3","1.4.4","1.4.5","1.4.6","1.4.7","1.4.8","1.4.9","1.5.0","2.0.0","2.3.0","2.3.1","2.4.0","2.4.1","2.4.10","2.4.11","2.4.2","2.4.3","2.4.4","2.4.5","2.4.6","2.4.7","2.4.8","2.4.9","2.5.0","2.5.1","2.5.2","2.5.3","2.5.3-RC1","2.5.3-RC2","2.5.3-RC3","2.5.4","2.5.4-RC1","2.5.5","2.5.6","2.5.7","2.5.8","v1.3.0","v1.4.10","v1.4.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-41654.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}