Lucene search
PatchstackCVELIST:CVE-2024-31086HistoryApr 15, 2024 - 7:46 a.m.
CVE-2024-31086 WordPress Change default login logo,url and title plugin <= 2.0 - CSRF to XSS vulnerability
2024-04-1507:46:20
CWE-352
Patchstack
www.cve.org
cve-2024-31086
wordpress
csrf
xss
vulnerability
plugin
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.0%
Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting (XSS).This issue affects Change default login logo,url and title: from n/a through 2.0.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "change-default-login-logo-url-and-title",
"product": "Change default login logo,url and title",
"vendor": "Venugopal",
"versions": [
{
"lessThanOrEqual": "2.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Change default login logo,url and title <= 2.0 - Cross-Site Request Forgery
2024-04-03 00:00:00
cve
cve
CVE-2024-31086
2024-04-15 08:15:11
nvd
nvd
CVE-2024-31086
2024-04-15 08:15:11
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.0%
Related for CVELIST:CVE-2024-31086