Lucene search
PatchstackCVE-2024-31425HistoryApr 15, 2024 - 10:15 a.m.
CVE-2024-31425
2024-04-1510:15:09
CWE-352
Patchstack
web.nvd.nist.gov
26
cve-2024-31425
tms amelia
csrf
vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Cross-Site Request Forgery (CSRF) vulnerability in TMS Amelia.This issue affects Amelia: from n/a through 1.0.95.
Affected configurations
Node
tmsameliaRange≤1.0.95wordpress
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ameliabooking",
"product": "Amelia",
"vendor": "TMS",
"versions": [
{
"changes": [
{
"at": "1.0.96",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.95",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-31425
2024-04-15 10:15:09
wpvulndb
wpvulndb
Amelia < 1.0.96 - Cross-Site Request Forgery
2024-04-16 00:00:00
cvelist
cvelist
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-31425