Lucene search
HistoryApr 15, 2024 - 11:15 a.m.
CVE-2024-31381
cve-2024-31381
csrf
vulnerability
rebelcode
spotlight
social media feeds
nvd
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Cross-Site Request Forgery (CSRF) vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10.
Affected configurations
Node
rebelcodespotlight_social_feedsRange≤1.6.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rebelcode | spotlight_social_feeds | * | cpe:2.3:a:rebelcode:spotlight_social_feeds:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "spotlight-social-photo-feeds",
"product": "Spotlight Social Media Feeds",
"vendor": "RebelCode",
"versions": [
{
"changes": [
{
"at": "1.6.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.10",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-31381
2024-04-15 11:15:09
cvelist
cvelist
wpvulndb
wpvulndb
Spotlight Social Media Feeds < 1.6.11 - Cross-Site Request Forgery
2024-04-16 00:00:00
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-31381