CVE-2023-23790

7.1 HIGH

📋 TL;DR

This CSRF vulnerability in the Pods WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions. It affects WordPress sites using Pods plugin version 2.9.10.2 or earlier. Successful exploitation could lead to unauthorized content modification or plugin settings changes.

💻 Affected Systems

Products:
  • Pods - Custom Content Types and Fields WordPress Plugin
Versions: <= 2.9.10.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with Pods plugin enabled and an authenticated administrator session.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify critical WordPress content, change plugin settings, or create/delete custom content types without authorization, potentially compromising site integrity.

🟠 Likely Case

Attackers trick administrators into performing actions like modifying posts, changing settings, or creating unwanted content types through crafted requests.

🟢 If Mitigated

With proper CSRF protections and user awareness, the risk is limited to unsuccessful exploitation attempts with no impact.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

CSRF attacks typically require social engineering to trick authenticated users but are technically simple to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.9.11 or later

Vendor Advisory: https://patchstack.com/database/vulnerability/pods/wordpress-pods-custom-content-types-and-fields-plugin-2-9-10-2-cross-site-request-forgery-csrf-vulnerability

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Pods plugin and click 'Update Now'.
4. Alternatively, download the latest version from WordPress.org and update manually.

🔧 Temporary Workarounds

Implement CSRF Protection (applies to: all)

Add custom CSRF tokens to forms and validate them server-side.

Restrict Admin Access (applies to: all)

Limit administrator accounts and implement strict access controls.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to detect and block CSRF attempts
  • Educate administrators about CSRF risks and safe browsing practices

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Pods version. If version is 2.9.10.2 or lower, you are vulnerable.

Check Version:

wp plugin list --name=pods --field=version

Verify Fix Applied:

After updating, verify Pods plugin version shows 2.9.11 or higher in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected POST requests to Pods admin endpoints
  • Multiple failed CSRF token validations

Network Indicators:

  • Cross-origin requests to Pods admin endpoints
  • Suspicious referer headers in requests

SIEM Query:

source="wordpress.log" AND (uri="/wp-admin/admin-ajax.php" OR uri CONTAINS "pods") AND method="POST" AND referer NOT CONTAINS hostname
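As an added example (not part of the advisory, and not Pods project code), the logic of the SIEM query above, run over a few constructed access-log lines in Apache/nginx "combined" format: POST requests to admin-ajax.php or to any URI containing "pods" are flagged when the Referer is absent or points at a different host. The site hostname `example.com`, the sample IPs, the referer URLs and the log format are all assumptions made for the example.

```python
import re
from urllib.parse import urlparse, parse_qs

SITE_HOST = "example.com"  # assumed hostname of the protected WordPress site

# Constructed sample access-log lines (combined format); not real traffic.
# Line 1: same-origin Pods admin POST (benign).
# Line 2: Pods admin POST with a foreign Referer (CSRF-like).
# Line 3: Pods settings POST with no Referer at all (cannot prove same-origin).
# Line 4: GET with a foreign Referer (not a state-changing request, ignored).
# Line 5: admin-ajax.php POST with a foreign Referer, unrelated action (matches the broad query clause).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2023:12:00:01 +0000] "POST /wp-admin/admin-ajax.php?action=pods_admin HTTP/1.1" 200 512 "https://example.com/wp-admin/admin.php?page=pods" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2023:12:00:05 +0000] "POST /wp-admin/admin-ajax.php?action=pods_admin HTTP/1.1" 200 512 "https://attacker.invalid/lure.html" "Mozilla/5.0"
198.51.100.7 - - [10/Jan/2023:12:00:06 +0000] "POST /wp-admin/admin.php?page=pods-settings HTTP/1.1" 200 128 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2023:12:00:09 +0000] "GET /wp-admin/admin.php?page=pods HTTP/1.1" 200 4096 "https://attacker.invalid/" "Mozilla/5.0"
203.0.113.5 - - [10/Jan/2023:12:00:12 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 64 "https://attacker.invalid/" "Mozilla/5.0"
"""

# Combined log format: ip ident user [ts] "METHOD uri PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Return a dict of fields for one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def matches_uri_clause(uri):
    """Mirror the query's URI clause: admin-ajax.php, or any URI containing 'pods'."""
    parsed = urlparse(uri)
    return parsed.path == "/wp-admin/admin-ajax.php" or "pods" in uri.lower()


def referer_is_foreign(referer, site_host):
    """True when the Referer is missing or its host is not the site's own host."""
    if referer in ("", "-"):
        return True  # no Referer: same-origin cannot be confirmed, treat as suspicious
    host = urlparse(referer).hostname or ""
    return host.lower() != site_host.lower()


def ajax_action(uri):
    """Extract the WordPress 'action' query parameter (admin-ajax.php handler name), if any."""
    return parse_qs(urlparse(uri).query).get("action", [""])[0]


def find_suspicious(log_text, site_host=SITE_HOST):
    """Apply: method == POST AND uri clause AND Referer not from site_host."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST":
            continue
        if matches_uri_clause(rec["uri"]) and referer_is_foreign(rec["referer"], site_host):
            hits.append({
                "ip": rec["ip"],
                "uri": rec["uri"],
                "action": ajax_action(rec["uri"]),
                "referer": rec["referer"],
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(f'{hit["ip"]} POST {hit["uri"]} action={hit["action"] or "-"} referer={hit["referer"]}')
```

The admin-ajax.php clause of the query is deliberately broad (every plugin and WordPress core itself post to that endpoint), so the last sample line is flagged even though its `action` is unrelated to Pods; in a real deployment, filter on the extracted `action` value or on the Pods admin pages to keep the alert volume manageable. Missing-Referer requests are treated as foreign because browsers under some referrer policies strip the header, so an absent Referer on a state-changing admin request is worth a look rather than an automatic pass.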

🔗 References
