Lucene search
HistorySep 09, 2022 - 3:15 p.m.
CVE-2022-38093
cve-2022-38093
cross-site request forgery
csrf
all in one seo
wordpress
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.5%
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.
Affected configurations
Node
all_in_one_seo_teamall_in_one_seo_\(wordpress_plugin\)Range≤4.2.3.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| aioseo:all_in_one_seo | aioseo all in one seo | le | 4.2.3.1 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "all-in-one-seo-pack",
"product": "All in One SEO (WordPress plugin)",
"vendor": "All in One SEO Team",
"versions": [
{
"changes": [
{
"at": "4.2.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.2.3.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Social References
More
Related
prion
prion
Cross site request forgery (csrf)
2022-09-09 15:15:00
openvas
openvas
WordPress All in One SEO Pack Plugin < 4.2.4 CSRF Vulnerability
2022-09-12 00:00:00
wpvulndb
wpvulndb
All in One SEO < 4.2.4 - Multiple CSRF
2022-09-05 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2022-38093
2022-09-09 15:15:14
cvelist
cvelist
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.5%
Related for CVE-2022-38093