Lucene search
PatchstackCVELIST:CVE-2023-24377HistoryFeb 14, 2023 - 11:18 a.m.
CVE-2023-24377 WordPress Ecwid Shopping Cart Plugin <= 6.11.3 is vulnerable to Cross Site Request Forgery (CSRF)
2023-02-1411:18:14
CWE-352
Patchstack
www.cve.org
1
cve-2023-24377
wordpress
ecwid shopping cart plugin
cross site request forgery
csrf
ecommerce
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.5%
Cross-Site Request Forgery (CSRF) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping CartΒ plugin <= 6.11.3 versions.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ecwid-shopping-cart",
"product": "Ecwid Ecommerce Shopping Cart",
"vendor": "Ecwid Ecommerce",
"versions": [
{
"changes": [
{
"at": "6.11.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.11.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-24377
2023-02-14 12:15:15
prion
prion
Cross site request forgery (csrf)
2023-02-14 12:15:00
wpvulndb
wpvulndb
Ecwid Shopping Cart < 6.11.4 - Import via CSRF
2023-01-27 00:00:00
nvd
nvd
CVE-2023-24377
2023-02-14 12:15:15
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.5%
Related for CVELIST:CVE-2023-24377