Lucene search
PatchstackCVE-2023-23879HistoryApr 23, 2023 - 12:15 p.m.
CVE-2023-23879
2023-04-2312:15:13
CWE-352
Patchstack
web.nvd.nist.gov
24
cve
2023
23879
csrf
vulnerability
nicolas zeh
php execution
plugin
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
34.8%
Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh PHP Execution plugin <= 1.0.0 versions.
Affected configurations
Node
php_execution_projectphp_executionRange≤1.0.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| php_execution_project | php_execution | * | cpe:2.3:a:php_execution_project:php_execution:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "php-execution-plugin",
"product": "PHP Execution",
"vendor": "Nicolas Zeh",
"versions": [
{
"lessThanOrEqual": "1.0.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-04-23 12:15:00
wpvulndb
wpvulndb
PHP Execution <= 1.0.0 - Settings Update via CSRF
2023-02-02 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2023-23879
2023-04-23 12:15:13
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
34.8%
Related for CVE-2023-23879