Lucene search
PatchstackCVELIST:CVE-2024-37213HistoryJul 12, 2024 - 1:27 p.m.
CVE-2024-37213 WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.9 - CSRF to XSS vulnerability
2024-07-1213:27:21
CWE-352
Patchstack
www.cve.org
6
wordpress
aliexpress
dropshipping
alinext lite
csrf
xss
vulnerability
ali2woo team
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.3%
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site Scripting (XSS).This issue affects Ali2Woo Lite: from n/a through 3.3.9.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ali2woo-lite",
"product": "Ali2Woo Lite",
"vendor": "Ali2Woo Team",
"versions": [
{
"lessThanOrEqual": "3.3.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-37213
2024-07-12 14:15:12
nvd
nvd
CVE-2024-37213
2024-07-12 14:15:12
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.3%
Related for CVELIST:CVE-2024-37213