Lucene search
WPScanVULNRICHMENT:CVE-2024-8091HistorySep 17, 2024 - 6:00 a.m.
CVE-2024-8091 Enhanced Search Box <= 0.6.1 - Settings Update via CSRF
2024-09-1706:00:06
WPScan
github.com
1
cve-2024-8091
enhanced search box
wordpress plugin
csrf
vulnerability
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
18.6%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
The Enhanced Search Box WordPress plugin through 0.6.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:jupitercow:enhanced_search_box:*:*:*:*:*:*:*:*"
],
"vendor": "jupitercow",
"product": "enhanced_search_box",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "semver",
"lessThanOrEqual": "0.6.1"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-8091 Enhanced Search Box <= 0.6.1 - Settings Update via CSRF
2024-09-17 06:00:06
cve
cve
CVE-2024-8091
2024-09-17 06:15:02
nvd
nvd
CVE-2024-8091
2024-09-17 06:15:02
wordfence
wordfence
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
18.6%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-8091