CVE-2023-51678

Опубликовано: 05 янв. 2024

Источник: nvd

CVSS3: 4.3

CVSS3: 6.5

EPSS Низкий

Описание

Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33.

Ссылки

https://patchstack.com/database/vulnerability/doofinder-for-woocommerce/wordpress-doofinder-wp-woocommerce-search-plugin-2-0-33-broken-access-control-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/doofinder-for-woocommerce/wordpress-doofinder-wp-woocommerce-search-plugin-2-0-33-broken-access-control-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:doofinder:doofinder:*:*:*:*:*:wordpress:*:*

Версия до 2.0.33 (включая)

EPSS

Процентиль: 21%

0.00067

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-5ghg-77c4-pg6g

CVSS3: 4.3

github

около 2 лет назад

Cross-Site Request Forgery (CSRF) vulnerability in Doofinder Doofinder WP & WooCommerce Search.This issue affects Doofinder WP & WooCommerce Search: from n/a through 2.0.33.

EPSS

Процентиль: 21%

0.00067

Низкий

4.3 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-352