Lucene search
PatchstackVULNRICHMENT:CVE-2023-36679HistoryMar 28, 2024 - 5:58 a.m.
CVE-2023-36679 WordPress Spectra plugin <= 2.6.6 - Server Side Request Forgery (SSRF) vulnerability
2024-03-2805:58:25
CWE-918
Patchstack
github.com
3
cve-2023-36679
wordpress
spectra
server-side request forgery
brainstorm force
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CNA Affected
[
{
"vendor": "Brainstorm Force",
"product": "Spectra",
"versions": [
{
"status": "affected",
"changes": [
{
"at": "2.6.7",
"status": "unaffected"
}
],
"version": "n/a",
"versionType": "custom",
"lessThanOrEqual": "2.6.6"
}
],
"packageName": "ultimate-addons-for-gutenberg",
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2023-36679
2024-03-28 06:15:09
cve
cve
CVE-2023-36679
2024-03-28 06:15:09
cvelist
cvelist
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-36679