Lucene search

[email protected]CVE-2019-15832

HistoryAug 30, 2019 - 2:15 p.m.

CVE-2019-15832

2019-08-3014:15:10

CWE-352

[email protected]

web.nvd.nist.gov

cve

2019

15832

visitors

traffic

real time

statistics

plugin

wordpress

csrf

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.4%

JSON

The visitors-traffic-real-time-statistics plugin before 1.13 for WordPress has CSRF.

Affected configurations

NVD

Node

wp-buyvisitor_traffic_real_time_statisticsRange<1.13wordpress

CPENameOperatorVersion
wp-buy:visitor_traffic_real_time_statisticswp-buy visitor traffic real time statisticslt1.13

CPE	Name	Operator	Version
wp-buy:visitor_traffic_real_time_statistics	wp-buy visitor traffic real time statistics	lt	1.13

References

wordpress.org/plugins/visitors-traffic-real-time-statistics/#developers

wpvulndb.com/vulnerabilities/9420

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.4%

JSON

Related for CVE-2019-15832

prion1 cvelist1 nvd1 openvas1 wpvulndb1