Lucene search
PatchstackCVELIST:CVE-2022-32587HistorySep 26, 2022 - 12:00 a.m.
CVE-2022-32587 WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery (CSRF) vulnerability
2022-09-2600:00:00
CWE-352
Patchstack
www.cve.org
2
cve-2022-32587
cross-site request forgery
codeandmore wp page widget
wordpress
plugin settings change
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.001 Low
EPSS
Percentile
20.9%
Cross-Site Request Forgery (CSRF) vulnerability in CodeAndMore WP Page Widget plugin <= 3.9 on WordPress leading to plugin settings change.
CNA Affected
[
{
"vendor": "CodeAndMore",
"product": "WP Page Widget (WordPress plugin)",
"versions": [
{
"version": "<= 3.9",
"status": "affected",
"lessThanOrEqual": "3.9",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-32587
2022-11-08 19:15:12
prion
prion
Cross site request forgery (csrf)
2022-11-08 19:15:00
wpvulndb
wpvulndb
WP Page Widget < 4.0 - Settings Update via CSRF
2022-09-26 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-32587
2022-11-08 19:15:12
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.001 Low
EPSS
Percentile
20.9%
Related for CVELIST:CVE-2022-32587