CVE-2023-23993: 
WordPress vulnerability analysis and mitigation

A Cross-Site Request Forgery (CSRF) vulnerability was identified in LionScripts.Com LionScripts: IP Blocker Lite WordPress plugin, affecting versions up to and including 11.1.1. The vulnerability was discovered on January 20, 2023, and was publicly disclosed on March 28, 2023 (Patchstack Database).

The vulnerability is tracked as CVE-2023-23993 and has been assigned a CVSS v3.1 base score of 8.8 (HIGH) by NIST with a vector string of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. However, Patchstack has assessed it with a lower CVSS score of 5.4 (MEDIUM) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L. The vulnerability is classified under CWE-352 (Cross-Site Request Forgery) (NVD).

This vulnerability could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication. The impact is considered low severity and is unlikely to be exploited (Patchstack Database).

As of the latest reports, no official fix is available for this vulnerability. The issue was reported to Patchstack on January 20, 2023, and an early warning was sent to Patchstack customers on March 28, 2023 (Patchstack Database).