Lucene search
PatchstackCVE-2023-44470HistoryOct 10, 2023 - 2:15 p.m.
CVE-2023-44470
2023-10-1014:15:10
CWE-352
Patchstack
web.nvd.nist.gov
12
cve-2023-44470
cross-site request forgery
csrf
vulnerability
kvvaradha kv tinymce editor add fonts plugin
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
24.1%
Cross-Site Request Forgery (CSRF) vulnerability in Kvvaradha Kv TinyMCE Editor Add Fonts plugin <= 1.1 versions.
Affected configurations
Node
kvvaradhakv_tinymce_editor_add_fontsRange≤1.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kvvaradha | kv_tinymce_editor_add_fonts | * | cpe:2.3:a:kvvaradha:kv_tinymce_editor_add_fonts:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "kv-tinymce-editor-fonts",
"product": "Kv TinyMCE Editor Add Fonts",
"vendor": "Kvvaradha",
"versions": [
{
"lessThanOrEqual": "1.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2023-10-10 14:15:00
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-44470
2023-10-10 14:15:10
wpvulndb
wpvulndb
Kv TinyMCE Editor Add Fonts <= 1.1 - Font List Update via CSRF
2023-10-11 00:00:00
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for CVE-2023-44470