Lucene search
HistoryMar 13, 2023 - 3:15 p.m.
CVE-2023-23711
cve-2023-23711
cross-site request forgery
csrf
a2 hosting
a2 optimized wp plugin
nvd
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.2%
Cross-Site Request Forgery (CSRF) vulnerability in A2 Hosting A2 Optimized WP pluginΒ <= 3.0.4 versions.
Affected configurations
Node
a2_hostinga2_optimized_wpRangeβ€3.0.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| a2hosting:a2_optimized | a2hosting a2 optimized | lt | 3.0.5 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "a2-optimized-wp",
"product": "A2 Optimized WP",
"vendor": "A2 Hosting",
"versions": [
{
"changes": [
{
"at": "3.0.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
A2 Optimized WP < 3.0.5 - Data Collection Toggle via CSRF
2023-02-06 00:00:00
prion
prion
Cross site request forgery (csrf)
2023-03-13 15:15:00
nvd
nvd
CVE-2023-23711
2023-03-13 15:15:12
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.7 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
16.2%
Related for CVE-2023-23711