Lucene search

PatchstackCVELIST:CVE-2024-29773

HistoryMar 27, 2024 - 1:21 p.m.

CVE-2024-29773 WordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerability

2024-03-2713:21:19

CWE-352

Patchstack

www.cve.org

cve-2024-29773

csrf

xss

wordpress bizprint plugin

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

9.1%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint allows Cross-Site Scripting (XSS).This issue affects BizPrint: from n/a through 4.5.5.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "print-google-cloud-print-gcp-woocommerce",
    "product": "BizPrint",
    "vendor": "BizSwoop a CPF Concepts, LLC Brand",
    "versions": [
      {
        "changes": [
          {
            "at": "4.5.6",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.5.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/print-google-cloud-print-gcp-woocommerce/wordpress-bizprint-plugin-4-5-5-csrf-to-xss-vulnerability?_s_id=cve