CVE-2023-5424

🗓️ 07 Jun 2024 10:10:15Reported by [email protected]Type

WordPress plugin WS Form LITE up to version 1.9.217 allows unauthenticated CSV Injection, leading to potential code execution

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2023-5424 WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection	7 Jun 202409:33	–	cvelist
CVE	CVE-2023-5424	7 Jun 202410:15	–	cve
Patchstack	WordPress WS Form LITE Plugin <= 1.9.217 is vulnerable to CSV Injection	7 Jun 202400:00	–	patchstack
Patchstack	WordPress WS Form Pro Plugin <= 1.9.217 is vulnerable to CSV Injection	7 Jun 202400:00	–	patchstack
RedhatCVE	CVE-2023-5424	23 May 202504:31	–	redhatcve
WPVulnDB	WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection	6 Jun 202400:00	–	wpvulndb
Vulnrichment	CVE-2023-5424 WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection	7 Jun 202409:33	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)	13 Jun 202415:35	–	wordfence

Nvd

Node

westguardsolutions ws_formRange<1.9.218litewordpress

westguardsolutions ws_formRange<1.9.218prowordpress

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/38ccaa81-77ec-46f2-9bec-d74fa2e093f3
wsform	www.wsform.com/changelog/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Jun 2024 10:15Current

CVSS34.7 - 8.8

EPSS0.01191

CWE-1236