Lucene search
PatchstackCVE-2022-40131HistoryNov 03, 2022 - 8:15 p.m.
CVE-2022-40131
2022-11-0320:15:30
CWE-352
Patchstack
web.nvd.nist.gov
30
2
cve
2022
40131
csrf
vulnerability
a3rev
software
page view count
plugin
wordpress
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Page View Count plugin <= 2.5.5 on WordPress allows an attacker to reset the plugin settings.
Affected configurations
Node
a3revpage_view_countRange≤2.5.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| a3rev | page_view_count | * | cpe:2.3:a:a3rev:page_view_count:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "a3rev Software",
"product": "Page View Count (WordPress plugin)",
"versions": [
{
"version": "<= 2.5.5",
"status": "affected",
"lessThanOrEqual": "2.5.5",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-11-03 20:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-40131
2022-11-03 20:15:30
wpvulndb
wpvulndb
Page View Count < 2.5.6 - Settings Reset via CSRF
2022-10-13 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
20.9%
Related for CVE-2022-40131