Lucene search
HistoryFeb 13, 2023 - 5:15 p.m.
CVE-2022-41134
cve-2022-41134
cross-site request forgery
csrf
optinlyhq optinly
security vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Cross-Site Request Forgery (CSRF) in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin <= 1.0.15 versions.
Affected configurations
Node
optinlyhqoptinly_–_exit_intent\,_newsletter_popups\,_gamification_\&_opt-in_formsRange≤1.0.15
| CPE | Name | Operator | Version |
|---|---|---|---|
| optinly:optinly | optinly | lt | 1.0.16 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "optinly",
"product": "Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms",
"vendor": "OptinlyHQ",
"versions": [
{
"changes": [
{
"at": "1.0.16",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.15",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2022-41134
2023-02-13 17:15:10
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2023-02-13 17:15:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Related for CVE-2022-41134