Lucene search
HistoryJul 17, 2023 - 3:15 p.m.
CVE-2023-36514
cve-2023-36514
cross-site request forgery
woocommerce shipping multiple addresses plugin
3.8.5
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
28.3%
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
Affected configurations
Node
woocommerceshipping_multiple_addressesRange≤3.8.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| woocommerce | shipping_multiple_addresses | * | cpe:2.3:a:woocommerce:shipping_multiple_addresses:*:*:*:*:*:wordpress:*:* |
Related
cvelist
cvelist
cve
cve
CVE-2023-36514
2023-07-17 15:15:09
wpvulndb
wpvulndb
WooCommerce Ship to Multiple Addresses < 3.8.6 - Cross-Site Request Forgery
2023-07-18 00:00:00
prion
prion
Cross site request forgery (csrf)
2023-07-17 15:15:00
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
28.3%
Related for NVD:CVE-2023-36514