Lucene search
PatchstackCVE-2023-47553HistoryNov 18, 2023 - 10:15 p.m.
CVE-2023-47553
2023-11-1822:15:08
CWE-352
Patchstack
web.nvd.nist.gov
69
cve
2023
47553
csrf
vulnerability
user local inc
userheat plugin
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
24.1%
Cross-Site Request Forgery (CSRF) vulnerability in User Local Inc UserHeat Plugin.This issue affects UserHeat Plugin: from n/a through 1.1.6.
Affected configurations
Node
userlocaluserheat_pluginRange≤1.1.6wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| userlocal | userheat_plugin | * | cpe:2.3:a:userlocal:userheat_plugin:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "userheat",
"product": "UserHeat Plugin",
"vendor": "User Local Inc",
"versions": [
{
"lessThanOrEqual": "1.1.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-11-18 22:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-47553
2023-11-18 22:15:08
wpvulndb
wpvulndb
UserHeat Plugin <= 1.1.6 - Cross-Site Request Forgery
2023-11-23 00:00:00
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.6
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for CVE-2023-47553