Lucene search
PatchstackCVELIST:CVE-2023-48278HistoryNov 30, 2023 - 4:08 p.m.
CVE-2023-48278 WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to XSS
2023-11-3016:08:50
CWE-352
Patchstack
www.cve.org
1
cve-2023-48278
wordpress
cross site request forgery
xss
nitin rathod
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-forms-puzzle-captcha",
"product": "WP Forms Puzzle Captcha",
"vendor": "Nitin Rathod",
"versions": [
{
"lessThanOrEqual": "4.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-48278
2023-11-30 17:15:11
prion
prion
Cross site request forgery (csrf)
2023-11-30 17:15:00
wpvulndb
wpvulndb
nvd
nvd
CVE-2023-48278
2023-11-30 17:15:11
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Related for CVELIST:CVE-2023-48278