Lucene search

K
cve[email protected]CVE-2023-44999
HistoryMar 27, 2024 - 2:15 p.m.

CVE-2023-44999

2024-03-2714:15:09
CWE-352
web.nvd.nist.gov
73
cve-2023-44999
cross-site request forgery
woocommerce stripe payment gateway
nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0.

Affected configurations

Vulners
Node
woocommercestripe_payment_gatewayRange7.6.0
VendorProductVersionCPE
woocommercestripe_payment_gateway*cpe:2.3:a:woocommerce:stripe_payment_gateway:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "WooCommerce Stripe Payment Gateway",
    "vendor": "WooCommerce",
    "versions": [
      {
        "changes": [
          {
            "at": "7.6.1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.6.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

Related for CVE-2023-44999