Lucene search
PatchstackCVELIST:CVE-2023-46201HistoryNov 13, 2023 - 4:09 a.m.
CVE-2023-46201 WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF)
2023-11-1304:09:16
CWE-352
Patchstack
www.cve.org
wordpress
csrf
stored xss
plugin
vulnerable
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.1%
Cross-Site Request Forgery (CSRF) vulnerability in Jeff Sherk Auto Login New User After Registration allows Stored XSS.This issue affects Auto Login New User After Registration: from n/a through 1.9.6.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "auto-login-new-user-after-registration",
"product": "Auto Login New User After Registration",
"vendor": "Jeff Sherk",
"versions": [
{
"lessThanOrEqual": "1.9.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-46201
2023-11-13 05:15:08
cve
cve
CVE-2023-46201
2023-11-13 05:15:08
prion
prion
Cross site request forgery (csrf)
2023-11-13 05:15:00
wpvulndb
wpvulndb
Auto Login New User After Registration <= 1.9.6 - Stored XSS via CSRF
2023-11-15 00:00:00
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.1%
Related for CVELIST:CVE-2023-46201