Lucene search
PatchstackCVE-2023-23973HistoryMar 01, 2023 - 1:15 p.m.
CVE-2023-23973
2023-03-0113:15:10
CWE-352
Patchstack
web.nvd.nist.gov
26
cve-2023-23973
cross-site request forgery
csrf
vulnerability
a3rev software
contact us page
contact people plugin
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.3%
Cross-Site Request Forgery (CSRF) vulnerability in a3rev Software Contact Us Page – Contact People plugin <= 3.7.0.
Affected configurations
Node
a3revcontact_us_page_-_contact_peopleRange<3.7.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| a3rev | contact_us_page_-_contact_people | * | cpe:2.3:a:a3rev:contact_us_page_-_contact_people:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "contact-us-page-contact-people",
"product": "Contact Us Page – Contact People",
"vendor": "a3rev Software",
"versions": [
{
"changes": [
{
"at": "3.7.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.7.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2023-23973
2023-03-01 13:15:10
prion
prion
Cross site request forgery (csrf)
2023-03-01 13:15:00
wpvulndb
wpvulndb
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
22.3%
Related for CVE-2023-23973