Lucene search
PatchstackCVE-2021-36861HistoryAug 05, 2022 - 4:15 p.m.
CVE-2021-36861
2022-08-0516:15:10
CWE-352
Patchstack
web.nvd.nist.gov
47
5
cve
2021
36861
csrf
vulnerability
rich reviews
wordpress
plugin
security
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
20.8%
Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews.
Affected configurations
Node
starfishrich_reviewRange≤1.9.14wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| starfish | rich_review | * | cpe:2.3:a:starfish:rich_review:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "Rich Reviews by Starfish (WordPress plugin)",
"vendor": "Starfish Reviews",
"versions": [
{
"lessThanOrEqual": "1.9.14",
"status": "affected",
"version": "<= 1.9.14",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
wpvulndb
wpvulndb
Rich Reviews <= 1.9.15 - Arbitrary Reviews Deletion via CSRF
2022-08-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-08-05 16:15:00
patchstack
patchstack
cvelist
cvelist
nvd
nvd
CVE-2021-36861
2022-08-05 16:15:10
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
20.8%
Related for CVE-2021-36861