Lucene search
PatchstackCVELIST:CVE-2024-38776HistoryAug 02, 2024 - 7:25 a.m.
CVE-2024-38776 WordPress WP GoToWebinar plugin <= 15.7 - CSRF to XSS vulnerability
2024-08-0207:25:53
CWE-352
Patchstack
www.cve.org
4
wordpress
gotowebinar
csrf
xss
vulnerability
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.4%
Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson WP GoToWebinar allows Cross-Site Scripting (XSS).This issue affects WP GoToWebinar: from n/a through 15.7.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-gotowebinar",
"product": "WP GoToWebinar",
"vendor": "Martin Gibson",
"versions": [
{
"changes": [
{
"at": "15.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "15.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-38776
2024-08-02 08:15:42
vulnrichment
vulnrichment
cve
cve
CVE-2024-38776
2024-08-02 08:15:42
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS
0
Percentile
9.4%
Related for CVELIST:CVE-2024-38776