Lucene search
MitreCVE-2008-4734HistoryOct 24, 2008 - 10:30 a.m.
CVE-2008-4734
2008-10-2410:30:00
CWE-352
mitre
web.nvd.nist.gov
21
cve-2008-4734
cross-site request forgery
csrf
wp comment remix plugin
wpcr_do_options_page
wordpress
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
High
EPSS
0.002
Percentile
59.6%
Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter.
Affected configurations
Node
pressographywp_comment_remix_pluginRange≤1.4.3
ORpressographywp_comment_remix_pluginMatch1.4
wordpresswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pressography | wp_comment_remix_plugin | * | cpe:2.3:a:pressography:wp_comment_remix_plugin:*:*:*:*:*:*:*:* |
| pressography | wp_comment_remix_plugin | 1.4 | cpe:2.3:a:pressography:wp_comment_remix_plugin:1.4:*:*:*:*:*:*:* |
| wordpress | wordpress | * | cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2008-10-24 10:30:00
cvelist
cvelist
CVE-2008-4734
2008-10-24 10:00:00
patchstack
patchstack
WordPress WP Comment Remix Plugin <= 1.4.3 - CSRF
2008-10-24 00:00:00
nvd
nvd
CVE-2008-4734
2008-10-24 10:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
High
EPSS
0.002
Percentile
59.6%
Related for CVE-2008-4734