Lucene search
HistoryMay 26, 2023 - 12:15 p.m.
CVE-2023-25976
cve-2023-25976
cross-site request forgery
crm perks integration
contact form 7
zoho crm
bigin plugin
security vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
27.7%
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.
Affected configurations
Node
crmperksintegration_for_contact_form_7_and_zoho_crm\,_biginRange≤1.2.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crmperks | integration_for_contact_form_7_and_zoho_crm\,_bigin | * | cpe:2.3:a:crmperks:integration_for_contact_form_7_and_zoho_crm\,_bigin:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2023-05-26 12:15:00
wpvulndb
wpvulndb
cvelist
cvelist
cve
cve
CVE-2023-25976
2023-05-26 12:15:16
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
27.7%
Related for NVD:CVE-2023-25976