Lucene search
HistoryApr 15, 2024 - 9:15 a.m.
CVE-2024-32436
cross-site request forgery
codemenschen
gift vouchers
security vulnerability
nvd
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Cross-Site Request Forgery (CSRF) vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0.
Affected configurations
Node
codemenschengift_vouchersRange≤4.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| codemenschen | gift_vouchers | * | cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "gift-voucher",
"product": "Gift Vouchers",
"vendor": "Codemenschen",
"versions": [
{
"changes": [
{
"at": "4.4.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Gift Vouchers < 4.4.1 - Cross-Site Request Forgery
2024-04-17 00:00:00
nvd
nvd
CVE-2024-32436
2024-04-15 09:15:12
cvelist
cvelist
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-32436