Lucene search
JpcertCVE-2023-35764HistoryApr 03, 2024 - 8:15 a.m.
CVE-2023-35764
2024-04-0308:15:49
CWE-345
jpcert
web.nvd.nist.gov
37
data verification
ip spoofing
survey maker
remote attack
nvd
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Insufficient verification of data authenticity issue in Survey Maker prior to 3.6.4 allows a remote unauthenticated attacker to spoof an IP address when posting.
Affected configurations
Node
ays_pro_pluginssurvey_makerRange<4.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ays_pro_plugins | survey_maker | * | cpe:2.3:a:ays_pro_plugins:survey_maker:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "AYS Pro Plugins",
"product": "Survey Maker",
"versions": [
{
"version": "prior to 4.1.0",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-35764
2024-04-03 07:10:07
wpvulndb
wpvulndb
Survey Maker < 4.1.0 - IP Address Spoofing
2024-05-08 00:00:00
nvd
nvd
CVE-2023-35764
2024-04-03 08:15:49
vulnrichment
vulnrichment
CVE-2023-35764
2024-04-03 07:10:07
jvn
jvn
JVN#51098626: Multiple vulnerabilities in WordPress Plugin "Survey Maker"
2024-03-27 00:00:00
wordfence
wordfence
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2023-35764