-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security

Vulnerability Details

Registries

Custom Views

Weaknesses

Attack Patterns

Filters & Tools

N/A

Source -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0

Related CVEs Related Vendors Related Assigners Reports

0Vulnerabilities found

Assigner-MITRE Corporation

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-0.26% / 49.49%

||

7 Day CHG~0.00%

Published-26 Sep, 2019 | 03:51

Updated-06 Aug, 2024 | 08:51

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenir_plugin.

Action-Not Available

Vendor-avenirsoft n/a

Product-directdownload n/a

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)