Lucene search
HistoryOct 10, 2023 - 2:15 p.m.
CVE-2023-44470
cross-site request forgery
kvvaradha kv
tinymce editor add fonts
plugin
security vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
24.1%
Cross-Site Request Forgery (CSRF) vulnerability in Kvvaradha Kv TinyMCE Editor Add Fonts plugin <= 1.1 versions.
Affected configurations
Node
kvvaradhakv_tinymce_editor_add_fontsRange≤1.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kvvaradha | kv_tinymce_editor_add_fonts | * | cpe:2.3:a:kvvaradha:kv_tinymce_editor_add_fonts:*:*:*:*:*:wordpress:*:* |
Related
vulnrichment
vulnrichment
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2023-10-10 14:15:00
wpvulndb
wpvulndb
Kv TinyMCE Editor Add Fonts <= 1.1 - Font List Update via CSRF
2023-10-11 00:00:00
cve
cve
CVE-2023-44470
2023-10-10 14:15:10
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
24.1%
Related for NVD:CVE-2023-44470