Lucene search
HistoryDec 29, 2023 - 1:15 p.m.
CVE-2023-51358
cve-2023-51358
cross-site request forgery
csrf
bright plugins
block ips
gravity forms
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.1%
Cross-Site Request Forgery (CSRF) vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1.
Affected configurations
Node
bright_pluginsblock_ips_for_gravity_formsRangeβ€1.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| brightplugins:block_ips_for_gravity_forms | brightplugins block ips for gravity forms | le | 1.0.1 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "gf-block-ips",
"product": "Block IPs for Gravity Forms",
"vendor": "Bright Plugins",
"versions": [
{
"changes": [
{
"at": "1.0.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-51358
2023-12-29 13:15:09
wpvulndb
wpvulndb
Block IPs for Gravity Forms < 1.0.2 - Cross-Site Request Forgery
2024-01-04 00:00:00
prion
prion
Cross site request forgery (csrf)
2023-12-29 13:15:00
cvelist
cvelist
wordfence
wordfence
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.1%
Related for CVE-2023-51358