Lucene search
HistoryNov 13, 2023 - 5:15 p.m.
CVE-2023-35877
cve-2023-35877
csrf
stored xss
extra user details
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5.
Affected configurations
Node
vadimkextra_user_detailsRange<0.5.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vadimk | extra_user_details | * | cpe:2.3:a:vadimk:extra_user_details:*:*:*:*:*:wordpress:*:* |
Related
vulnrichment
vulnrichment
cvelist
cvelist
cve
cve
CVE-2023-35877
2023-11-13 17:15:07
prion
prion
Cross site request forgery (csrf)
2023-11-13 17:15:00
wordfence
wordfence
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.0%
Related for NVD:CVE-2023-35877