Lucene search

[email protected]CVE-2023-34181

HistoryNov 09, 2023 - 7:15 p.m.

CVE-2023-34181

2023-11-0919:15:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-34181

cross-site request forgery

csrf

wp-cirrus plugin

vulnerability

nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions.

Affected configurations

Vulners

NVD

Node

wp-cirruswp-cirrusRange≤0.6.11

CPENameOperatorVersion
wp-cirrus_project:wp-cirruswp-cirrus project wp-cirrusle0.6.11

CPE	Name	Operator	Version
wp-cirrus_project:wp-cirrus	wp-cirrus project wp-cirrus	le	0.6.11

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-cirrus",
    "product": "WP-Cirrus",
    "vendor": "WP-Cirrus",
    "versions": [
      {
        "lessThanOrEqual": "0.6.11",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/wp-cirrus/wordpress-wp-cirrus-plugin-0-6-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

Related for CVE-2023-34181

nvd1 prion1 cvelist1 wordfence1