Lucene search

[email protected]CVE-2023-27623

HistoryNov 12, 2023 - 11:15 p.m.

CVE-2023-27623

2023-11-1223:15:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-27623

csrf

vulnerability

jens törnell

wp page numbers plugin

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.9%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in Jens Törnell WP Page Numbers plugin <= 0.5 versions.

Affected configurations

Vulners

NVD

Node

jens_törnellwp_page_numbersRange≤0.5

CPENameOperatorVersion
jenst:wp_page_numbersjenst wp page numbersle0.5

CPE	Name	Operator	Version
jenst:wp_page_numbers	jenst wp page numbers	le	0.5

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-page-numbers",
    "product": "WP Page Numbers",
    "vendor": "Jens Törnell",
    "versions": [
      {
        "lessThanOrEqual": "0.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/wp-page-numbers/wordpress-wp-page-numbers-plugin-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.9%

JSON

Related for CVE-2023-27623

cvelist1 nvd1 prion1 wordfence1