Lucene search

PRIOn knowledge basePRION:CVE-2023-35041

HistoryNov 13, 2023 - 3:15 a.m.

Cross site request forgery (csrf)

2023-11-1303:15:00

PRIOn knowledge base

www.prio-n.com

cross site request forgery

local file inclusion

webpushr plugin

web push notifications

nvd

vulnerability

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.8%

JSON

Cross-Site Request Forgery (CSRF) vulnerability leading to Local File Inclusion (LF) in Webpushr Web Push Notifications Web Push Notifications – Webpushr plugin <= 4.34.0 versions.

CPENameOperatorVersion
web_push_notificationsle4.34.0

CPE	Name	Operator	Version
	web_push_notifications	le	4.34.0

References

patchstack.com/database/vulnerability/webpushr-web-push-notifications/wordpress-web-push-notifications-webpushr-plugin-4-34-0-csrf-leading-to-lfi-vulnerability?_s_id=cve