Lucene search

K
nvd[email protected]NVD:CVE-2022-47440
HistoryMar 13, 2023 - 10:15 a.m.

CVE-2022-47440

2023-03-1310:15:09
CWE-352
web.nvd.nist.gov
cross-site request forgery
joseph c dolson
cve-2022-47440
my tickets plugin

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

27.5%

Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Tickets pluginΒ <= 1.9.10 versions.

Affected configurations

NVD
Node
my_tickets_projectmy_ticketsRange<1.9.11wordpress

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

27.5%

Related for NVD:CVE-2022-47440