PatchstackCVELIST:CVE-2023-52200CVE-2023-52200 WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.1%
Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "armember-membership",
"product": "ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup",
"vendor": "Repute Infosystems",
"versions": [
{
"changes": [
{
"at": "4.0.23",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.22",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.1%