Lucene search
PatchstackCVELIST:CVE-2023-25058HistoryMay 26, 2023 - 2:19 p.m.
CVE-2023-25058 WordPress Schema – All In One Schema Rich Snippets Plugin <= 1.6.5 is vulnerable to Cross Site Request Forgery (CSRF)
2023-05-2614:19:02
CWE-352
Patchstack
www.cve.org
1
cve-2023-25058
cross-site request forgery
wordpress
schema
plugin
vulnerable
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin <= 1.6.5 versions.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "all-in-one-schemaorg-rich-snippets",
"product": "Schema – All In One Schema Rich Snippets",
"vendor": "Brainstorm Force",
"versions": [
{
"changes": [
{
"at": "1.6.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-25058
2023-05-26 15:15:11
nvd
nvd
CVE-2023-25058
2023-05-26 15:15:11
wpvulndb
wpvulndb
Schema - All In One Schema Rich Snippets < 1.6.6 - Multiple CSRF
2023-02-16 00:00:00
prion
prion
Cross site request forgery (csrf)
2023-05-26 15:15:00
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.7%
Related for CVELIST:CVE-2023-25058