Lucene search
HistoryMar 01, 2023 - 1:15 p.m.
CVE-2023-23974
cve-2023-23974
csrf vulnerability
fullworks quick event manager
nvd
registration actions
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.0005 Low
EPSS
Percentile
16.2%
Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <=Β 9.7.4 affecting all registration actions (delete, delete all, edit, update).
Affected configurations
Node
fullworksstop_user_enumerationRangeβ€9.7.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fullworks | stop_user_enumeration | * | cpe:2.3:a:fullworks:stop_user_enumeration:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "quick-event-manager",
"product": "Quick Event Manager",
"vendor": "Fullworks",
"versions": [
{
"changes": [
{
"at": "9.7.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "9.7.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-03-01 13:15:00
nvd
nvd
CVE-2023-23974
2023-03-01 13:15:10
wpvulndb
wpvulndb
Quick Event Manager < 9.7.5 - Registration Deletion/Update via CSRF
2023-01-20 00:00:00
cvelist
cvelist
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.0005 Low
EPSS
Percentile
16.2%
Related for CVE-2023-23974