Lucene search

PatchstackCVELIST:CVE-2023-46190

HistoryOct 24, 2023 - 10:23 a.m.

CVE-2023-46190 WordPress Novo-Map : your WP posts on custom google maps Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

2023-10-2410:23:31

CWE-352

Patchstack

www.cve.org

wordpress

novo-map

csrf

vulnerability

cve-2023-46190

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in Novo-media Novo-Map : your WP posts on custom google maps plugin <= 1.1.2 versions.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "novo-map",
    "product": "Novo-Map : your WP posts on custom google maps",
    "vendor": "Novo-media",
    "versions": [
      {
        "lessThanOrEqual": "1.1.2",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/novo-map/wordpress-novo-map-your-wp-posts-on-custom-google-maps-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

Related for CVELIST:CVE-2023-46190