Lucene search
HistoryDec 15, 2023 - 4:15 p.m.
CVE-2023-49159
cve-2023-49159
elegant digital solutions
ssrf
commentluv
nvd
security
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.3%
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This issue affects CommentLuv: from n/a through 3.0.4.
Affected configurations
Node
elegant_digital_solutionscommentluvRange≤3.0.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| sean-barton:commentluv | sean-barton commentluv | le | 3.0.4 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "commentluv",
"product": "CommentLuv",
"vendor": "Elegant Digital Solutions",
"versions": [
{
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
CommentLuv <= 4 - Unauthenticated SSRF
2023-12-08 00:00:00
prion
prion
Server side request forgery (ssrf)
2023-12-15 16:15:00
nvd
nvd
CVE-2023-49159
2023-12-15 16:15:43
cvelist
cvelist
wordfence
wordfence
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.3%
Related for CVE-2023-49159