{"id":"CVE-2023-46636","details":"Cross-Site Request Forgery (CSRF) vulnerability in David Stöckl Custom Header Images plugin \u003c= 1.2.1 versions.","modified":"2026-04-10T05:04:42.986503Z","published":"2023-11-13T01:15:08.833Z","references":[{"type":"ADVISORY","url":"https://patchstack.com/database/vulnerability/custom-header-images/wordpress-custom-header-images-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wp-plugins/custom-header-images","events":[{"introduced":"0"},{"last_affected":"3ff63e47327de37ccaef15251a594d260e25fcc0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.2.1"}]}}],"versions":["1.2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-46636.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}