Lucene search
PatchstackCVE-2023-47182HistoryNov 06, 2023 - 10:15 a.m.
CVE-2023-47182
2023-11-0610:15:08
CWE-352
Patchstack
web.nvd.nist.gov
28
cve-2023-47182
cross-site request forgery
csrf
stored cross-site scripting
xss
nazmul hossain nihal
login screen manager plugin
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
24.1%
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.
Affected configurations
Node
nazmulhossainnihallogin_screen_managerRange≤3.5.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nazmulhossainnihal | login_screen_manager | * | cpe:2.3:a:nazmulhossainnihal:login_screen_manager:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "login-screen-manager",
"product": "Login Screen Manager",
"vendor": "Nazmul Hossain Nihal",
"versions": [
{
"lessThanOrEqual": "3.5.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-11-06 10:15:00
nvd
nvd
CVE-2023-47182
2023-11-06 10:15:08
wpvulndb
wpvulndb
Login Screen Manager <= 3.5.2 - Stored XSS via CSRF
2023-11-17 00:00:00
cvelist
cvelist
vulnrichment
vulnrichment
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for CVE-2023-47182