Lucene search
K

106 matches found

Vulnrichment
Vulnrichment
added 2024/05/17 8:37 a.m.16 views

CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.8CVSS8.8AI score0.00526EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:37 a.m.26 views

CVE-2023-47782 WordPress Thrive Theme Builder theme < 3.24.0 - Authenticated Privilege Escalation vulnerability

Improper Privilege Management vulnerability in Thrive Themes Thrive Theme Builder allows Privilege Escalation.This issue affects Thrive Theme Builder: from n/a before 3.24.0...

8.8CVSS8.8AI score0.00526EPSS
Exploits0References1
NVD
NVD
added 2024/02/29 5:15 a.m.33 views

CVE-2023-51531

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...

8.8CVSS5.5AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 2024/02/29 5:15 a.m.5 views

CVE-2023-51531

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...

8.8CVSS7.3AI score0.00234EPSS
Exploits0References1
Prion
Prion
added 2024/02/29 5:15 a.m.21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...

5.8CVSS7.2AI score0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/29 4:59 a.m.7 views

CVE-2023-51531 WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...

5.4CVSS6.7AI score0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/29 4:59 a.m.31 views

CVE-2023-51531 WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17...

5.4CVSS5.8AI score0.00234EPSS
Exploits0References1
CVE
CVE
added 2024/02/29 4:59 a.m.104 views

CVE-2023-51531

Technical details about CVE-2023-51531 (CSRF in Thrive Automator) are not provided in the connected documents. Available sources confirm Thrive Automator affects versions up to 1.17, but do not disclose exploitation vectors, root cause specifics, or mitigations. Monitor for updates.

8.8CVSS6.7AI score0.00234EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.5 views

WordPress Plugin Thrive Automator Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.8CVSS6.6AI score0.00234EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.7 views

PT-2024-14184 · Thrive Themes · Thrive Automator

Name of the Vulnerable Software and Affected Versions: Thrive Automator versions 1.17 and earlier Description: A Cross-Site Request Forgery CSRF issue affects Thrive Automator, allowing unauthorized actions to be performed on behalf of a user without their knowledge. Recommendations: For Thrive...

8.8CVSS6.3AI score0.00234EPSS
Exploits0References6
Patchstack
Patchstack
added 2023/12/27 12:0 a.m.9 views

WordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)

Software Thrive Automator Type Plugin Vulnerable versions = 1.17 Fixed in 1.17.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51531 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2f7174a74dd1 Credits Brandon Roldan...

8.8CVSS6.6AI score0.00234EPSS
Exploits0References2Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.19 views

Thrive Theme Builder < 3.24.2 - Cross-Site Request Forgery

Description The theme does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS9.4AI score0.00304EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.14 views

Thrive Theme Builder < 3.24.0 - Missing Authorization

Description The theme is vulnerable to unauthorized use of functionality due to missing capability check in one of its functions. This makes it possible for authenticated attackers, with subscriber-level access and above, to invoke this function intended for higher-privileged users. The exact...

9.2AI score0.00356EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/23 12:0 a.m.16 views

Thrive Theme Builder < 3.24.0 - Subscriber+ Privilege Escalation

Description The them is vulnerable to privilege escalation, allowing any authenticated users, such as subscribers to elevate their privileges...

9.4AI score0.00526EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/22 7:15 p.m.4 views

CVE-2023-47781

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...

8.8CVSS7.3AI score
Exploits0References1
NVD
NVD
added 2023/11/22 7:15 p.m.30 views

CVE-2023-47781

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...

8.8CVSS0.00304EPSS
Exploits0References1
Prion
Prion
added 2023/11/22 7:15 p.m.18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...

6.8CVSS8.8AI score0.00304EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/22 6:27 p.m.24 views

CVE-2023-47781 WordPress Thrive Theme Builder Theme < 3.24.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Thrive Themes Thrive Theme Builder 3.24.2 versions...

8.8CVSS9AI score0.00304EPSS
Exploits0References1
CVE
CVE
added 2023/11/22 6:27 p.m.57 views

CVE-2023-47781

Thrive Theme Builder (WordPress) before version 3.24.2 is vulnerable to Cross-Site Request Forgery (CSRF). Root cause: missing CSRF checks in the affected theme builder, enabling unauthorized actions by forged requests from logged-in users. Impact per CVSS: high (8.8/10), affecting confidentialit...

8.8CVSS8.9AI score0.00304EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.3 views

PT-2023-30604 · Unknown · Thrive Theme Builder

Name of the Vulnerable Software and Affected Versions: Thrive Theme Builder versions prior to 3.24.2 Description: A Cross-Site Request Forgery CSRF issue exists, which is a type of attack that tricks a user into performing unintended actions on a web application. Recommendations: For versions pri...

8.8CVSS9.1AI score0.00304EPSS
Exploits0References3
Rows per page
Query Builder