Lucene search
HistoryOct 11, 2022 - 8:15 p.m.
CVE-2022-38086
cve-2022-38086
cross-site request forgery
csrf
shortcodes ultimate plugin
wordpress
vulnerability
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.0%
Cross-Site Request Forgery (CSRF) vulnerability in Shortcodes Ultimate plugin <= 5.12.0 at WordPress leading to plugin preset settings change.
Affected configurations
Node
vladimir_anokhinshortcodes_ultimate_\(wordpress_plugin\)Range≤5.12.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| getshortcodes:shortcodes_ultimate | getshortcodes shortcodes ultimate | le | 5.12.0 |
CNA Affected
[
{
"vendor": "Vladimir Anokhin",
"product": "Shortcodes Ultimate (WordPress plugin)",
"versions": [
{
"version": "<= 5.12.0",
"status": "affected",
"lessThanOrEqual": "5.12.0",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-10-11 20:15:00
cvelist
cvelist
wpvulndb
wpvulndb
Shortcodes Ultimate < 5.12.1 - Settings Preset Update via CSRF
2022-10-02 00:00:00
nvd
nvd
CVE-2022-38086
2022-10-11 20:15:15
openvas
openvas
WordPress Shortcodes Ultimate Plugin < 5.12.1 Multiple CSRF Vulnerabilities
2022-11-10 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
21.0%
Related for CVE-2022-38086