Lucene search

[email protected]CVE-2023-49153

HistoryDec 18, 2023 - 11:15 p.m.

CVE-2023-49153

2023-12-1823:15:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-49153

cross-site request forgery

csrf

vulnerability

saiful islam

add to cart

text changer

customize button

custom icon

nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.1%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0.

Affected configurations

Vulners

NVD

Node

saiful_islamadd_to_cart_text_changer_and_customize_button\,_add_custom_iconRange≤2.0

CPENameOperatorVersion
codeastrology:add_to_cart_text_changer_and_customize_button\,_add_custom_iconcodeastrology add to cart text changer and customize button, add custom iconle2.0

CPE	Name	Operator	Version
codeastrology:add_to_cart_text_changer_and_customize_button\,_add_custom_icon	codeastrology add to cart text changer and customize button, add custom icon	le	2.0

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "woo-add-to-cart-text-change",
    "product": "Add to Cart Text Changer and Customize Button, Add Custom Icon",
    "vendor": "Saiful Islam",
    "versions": [
      {
        "lessThanOrEqual": "2.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/woo-add-to-cart-text-change/wordpress-add-to-cart-text-changer-and-customize-button-add-custom-icon-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve