Lucene search

[email protected]NVD:CVE-2022-41978

HistoryNov 09, 2022 - 4:15 p.m.

CVE-2022-41978

2022-11-0916:15:18

CWE-264

[email protected]

web.nvd.nist.gov

cve-2022-41978

zoho crm

lead magnet

wordpress

vulnerability

arbitrary

options update

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

31.9%

JSON

Auth. (subscriber+) Arbitrary Options Update vulnerability in Zoho CRM Lead Magnet plugin <= 1.7.5.8 on WordPress.

Affected configurations

NVD

Node

zohocorpzoho_crm_lead_magnetRange≤1.7.5.8wordpress

References

patchstack.com/database/vulnerability/zoho-crm-forms/wordpress-zoho-crm-lead-magnet-plugin-1-7-5-6-auth-arbitrary-options-update-vulnerability?_s_id=cve

wordpress.org/plugins/zoho-crm-forms/#developers

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

31.9%

JSON

Related for NVD:CVE-2022-41978

cve1 wpvulndb1 prion1 patchstack1 cvelist1 wpexploit1