Lucene search
HistoryJul 21, 2022 - 4:15 p.m.
CVE-2022-32289
cve-2022-32289
cross-site request forgery
csrf
sygnoos popup builder
wordpress
popup status change
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.0%
Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.0 at WordPress leading to popup status change.
Affected configurations
Node
sygnoospopup_builderRange≤4.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sygnoos | popup_builder | * | cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Popup Builder (WordPress plugin)",
"vendor": "Sygnoos",
"versions": [
{
"lessThanOrEqual": "4.1.0",
"status": "affected",
"version": "<= 4.1.0",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-07-21 16:15:00
wpvulndb
wpvulndb
Popup Builder < 4.1.1 - Popup Status Change via CSRF
2022-06-17 00:00:00
openvas
openvas
WordPress Popup Builder Plugin <= 4.1.0 CSRF Vulnerability
2022-07-27 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2022-32289
2022-07-21 16:15:09
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
4.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.0%
Related for CVE-2022-32289