Lucene search
HistoryJun 05, 2024 - 2:15 p.m.
CVE-2024-35673
cve-2024-35673
cross-site request forgery
pure chat
ruby
vulnerability
nvd
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.9 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22.
Affected configurations
Node
pure_chat_by_rubypure_chatRange≤2.22
| CPE | Name | Operator | Version |
|---|---|---|---|
| purechat:pure_chat | purechat pure chat | lt | 2.3 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "pure-chat",
"product": "Pure Chat",
"vendor": "Pure Chat by Ruby",
"versions": [
{
"changes": [
{
"at": "2.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.22",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-35673
2024-06-05 14:15:13
wpvulndb
wpvulndb
Pure Chat – Live Chat Plugin & More! < 2.23 - Cross-Site Request Forgery
2024-06-06 00:00:00
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.9 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.0%
Related for CVE-2024-35673