Lucene search
PatchstackCVELIST:CVE-2023-51522HistoryMar 15, 2024 - 2:21 p.m.
CVE-2023-51522 WordPress Paid Membership Subscriptions plugin <= 2.10.4 - Cross Site Request Forgery (CSRF) vulnerability
2024-03-1514:21:49
CWE-352
Patchstack
www.cve.org
2
cve-2023-51522
cross site request forgery
cozmoslabs paid member subscriptions
security vulnerability
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
5
Confidence
High
EPSS
0
Percentile
9.0%
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a through 2.10.4.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "paid-member-subscriptions",
"product": "Paid Member Subscriptions",
"vendor": "Cozmoslabs",
"versions": [
{
"changes": [
{
"at": "2.10.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.10.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
cve
cve
CVE-2023-51522
2024-03-15 15:15:08
nvd
nvd
CVE-2023-51522
2024-03-15 15:15:08
wordfence
wordfence
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
5
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2023-51522