Lucene search
HistorySep 06, 2022 - 6:15 p.m.
CVE-2022-33177
cve-2022-33177
cross-site request forgery
csrf
wpdevelop
oplugins booking calendar
translations update
wordpress
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability in WPdevelop/Oplugins Booking Calendar plugin <= 9.2.1 at WordPress leading to Translations Update.
Affected configurations
Node
wpdevelop\/opluginsbooking_calendar_\(wordpress_plugin\)Range≤9.2.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| wpbookingcalendar:booking_calendar | wpbookingcalendar booking calendar | le | 9.2.1 |
CNA Affected
[
{
"product": "Booking Calendar (WordPress plugin)",
"vendor": "WPdevelop/Oplugins",
"versions": [
{
"lessThanOrEqual": "9.2.1",
"status": "affected",
"version": "<= 9.2.1",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Cross site request forgery (csrf)
2022-09-06 18:15:00
wpvulndb
wpvulndb
Booking Calendar < 9.2.2 - Arbitrary Translation Update via CSRF
2022-09-06 00:00:00
patchstack
patchstack
cvelist
cvelist
nvd
nvd
CVE-2022-33177
2022-09-06 18:15:15
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
Related for CVE-2022-33177