Lucene search
HistoryMay 22, 2014 - 3:13 p.m.
CVE-2014-3843
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Cross-site request forgery (CSRF) vulnerability in the Search Everything plugin before 8.1.1 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected configurations
Node
zemantasearch_everythingRange≤8.1wordpress
ORzemantasearch_everythingMatch7.0.2wordpress
ORzemantasearch_everythingMatch7.0.3wordpress
ORzemantasearch_everythingMatch7.0.4wordpress
ORzemantasearch_everythingMatch8.0wordpress
wordpresswordpressMatch-
Related
wpvulndb
wpvulndb
Search Everything 8.1.0 - options.php Unspecified CSRF
2014-05-06 00:00:00
cvelist
cvelist
CVE-2014-3843
2022-10-03 16:20:24
patchstack
patchstack
WordPress Search Everything Plugin <= 8.1.0 - CSRF
2014-05-22 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-05-22 15:13:00
cve
cve
CVE-2014-3843
2022-10-03 16:20:24
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Related for NVD:CVE-2014-3843