Lucene search

K
patchstackMikaPATCHSTACK:3C8DBFAF6E380510836153EBB35D44E6
HistoryJul 19, 2023 - 12:00 a.m.

WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF)

2023-07-1900:00:00
Mika
patchstack.com
1
wordpress wp-copyprotect
protect your blog posts
plugin
vulnerable versions
cross site request forgery
csrf
cve-2023-25025
low severity
unauthenticated

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

Software

WP-CopyProtect [Protect your blog posts]

Type

Plugin

Vulnerable versions

<= 3.1.0

Fixed in

N/A

OWASP Top 10

A5: Broken Access Control

Classification

Cross Site Request Forgery (CSRF)

CVE

CVE-2023-25025

Patch priority

Low

CVSS severity

Low (4.3)

Developer

Claim ownership

PSID

483e3127703e

Credits

Mika Mika

Required privilege

Unauthenticated

Published

19 July, 2023

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
chetangolewp-copyprotect_\[protect_your_blog_posts\]Range3.1.0wordpress
VendorProductVersionCPE
chetangolewp-copyprotect_\[protect_your_blog_posts\]*cpe:2.3:a:chetangole:wp-copyprotect_\[protect_your_blog_posts\]:*:*:*:*:*:wordpress:*:*

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

Related for PATCHSTACK:3C8DBFAF6E380510836153EBB35D44E6