Lucene search
HistoryOct 03, 2023 - 1:15 p.m.
CVE-2023-40198
cve-2023-40198
csrf
vulnerability
antsanchez easy cookie law plugin
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions.
Affected configurations
Node
antsanchezeasy_cookie_lawRange≤3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| antsanchez | easy_cookie_law | * | cpe:2.3:a:antsanchez:easy_cookie_law:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "easy-cookie-law",
"product": "Easy Cookie Law",
"vendor": "Antsanchez",
"versions": [
{
"lessThanOrEqual": "3.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-10-03 13:15:00
nvd
nvd
CVE-2023-40198
2023-10-03 13:15:10
cvelist
cvelist
wpvulndb
wpvulndb
Easy Cookie Law <= 3.1 - Settings Update via CSRF
2023-10-10 00:00:00
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Related for CVE-2023-40198