Lucene search
PatchstackCVE-2023-46089HistoryOct 22, 2023 - 10:15 p.m.
CVE-2023-46089
2023-10-2222:15:08
CWE-352
Patchstack
web.nvd.nist.gov
22
cve-2023-46089
cross-site request forgery
csrf
lee le
userback plugin
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
24.1%
Cross-Site Request Forgery (CSRF) vulnerability in Lee Le @ Userback Userback plugin <= 1.0.13 versions.
Affected configurations
Node
userbackuserbackRange≤1.0.13wordpress
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "userback",
"product": "Userback",
"vendor": "Lee Le @ Userback",
"versions": [
{
"lessThanOrEqual": "1.0.13",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-10-22 22:15:00
wpvulndb
wpvulndb
Userback < 1.0.14 - Arbitrary Settings Update via CSRF
2023-10-23 00:00:00
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-46089
2023-10-22 22:15:08
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for CVE-2023-46089