Lucene search
PatchstackCVELIST:CVE-2022-40686HistoryOct 28, 2022 - 12:00 a.m.
CVE-2022-40686 WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability
2022-10-2800:00:00
CWE-352
Patchstack
www.cve.org
wordpress
creative mail plugin
csrf
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
9.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.3%
Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress.
CNA Affected
[
{
"vendor": "Constant Contact",
"product": "Creative Mail (WordPress plugin)",
"versions": [
{
"version": "<= 1.5.4",
"status": "affected",
"lessThanOrEqual": "1.5.4",
"versionType": "custom"
}
]
}
]Related
patchstack
patchstack
cve
cve
CVE-2022-40686
2022-11-18 19:15:29
wpvulndb
wpvulndb
Creative Mail < 1.6.0 - CSRF
2022-10-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-11-18 19:15:00
nvd
nvd
CVE-2022-40686
2022-11-18 19:15:29
openvas
openvas
WordPress Creative Mail Plugin < 1.6.0 Multiple CSRF Vulnerabilities
2023-03-27 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
9.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.3%
Related for CVELIST:CVE-2022-40686