Lucene search
HistoryApr 12, 2024 - 1:15 p.m.
CVE-2024-31354
cve-2024-31354
cross-site request forgery
tribulant slideshow gallery
vulnerability
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
8.8%
Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.
Affected configurations
Node
tribulantslideshow_galleryRange≤1.7.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tribulant | slideshow_gallery | * | cpe:2.3:a:tribulant:slideshow_gallery:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "slideshow-gallery",
"product": "Slideshow Gallery",
"vendor": "Tribulant",
"versions": [
{
"lessThanOrEqual": "1.7.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-31354
2024-04-12 13:15:19
wpvulndb
wpvulndb
Slideshow Gallery < 1.7.9 - Settings Reset via CSRF
2024-04-11 00:00:00
cvelist
cvelist
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9.2 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
8.8%
Related for CVE-2024-31354