Search criteria
6 vulnerabilities found for Recipe Maker For Your Food Blog from Zip Recipes by Really Simple Plugins
CVE-2023-52180 (GCVE-0-2023-52180)
Vulnerability from cvelistv5 – Published: 2023-12-31 10:17 – Updated: 2024-08-02 22:55
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.1.0 is vulnerable to SQL Injection
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.
Severity ?
7.6 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.1.0
(custom)
|
Credits
Muhammad Daffa (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-1-0-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Muhammad Daffa (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.\u003cp\u003eThis issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T10:17:49.210Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-1-0-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.1.1 or a higher version."
}
],
"value": "Update to\u00a08.1.1 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.1.0 is vulnerable to SQL Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-52180",
"datePublished": "2023-12-31T10:17:49.210Z",
"dateReserved": "2023-12-29T10:16:45.174Z",
"dateUpdated": "2024-08-02T22:55:41.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31076 (GCVE-0-2023-31076)
Vulnerability from cvelistv5 – Published: 2023-08-17 08:44 – Updated: 2024-09-25 16:42
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS)
Summary
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.0.6
(custom)
|
Credits
thiennv (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:25.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T16:14:19.607558Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:42:59.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.0.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.0.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "thiennv (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u0026lt;=\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.0.6 versions.\u003c/span\u003e"
}
],
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u003c=\u00a08.0.6 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-17T08:44:53.942Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.0.7 or a higher version."
}
],
"value": "Update to\u00a08.0.7 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.0.6 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-31076",
"datePublished": "2023-08-17T08:44:53.942Z",
"dateReserved": "2023-04-24T05:42:59.931Z",
"dateUpdated": "2024-09-25T16:42:59.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35089 (GCVE-0-2023-35089)
Vulnerability from cvelistv5 – Published: 2023-07-17 13:31 – Updated: 2024-10-07 15:13
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.7 versions.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.0.7
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:58.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:12:18.211667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T15:13:18.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.0.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.0.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u0026lt;=\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.0.7 versions.\u003c/span\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u003c=\u00a08.0.7 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-17T13:31:13.212Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.0.8 or a higher version."
}
],
"value": "Update to\u00a08.0.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-35089",
"datePublished": "2023-07-17T13:31:13.212Z",
"dateReserved": "2023-06-13T15:10:42.888Z",
"dateUpdated": "2024-10-07T15:13:18.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52180 (GCVE-0-2023-52180)
Vulnerability from nvd – Published: 2023-12-31 10:17 – Updated: 2024-08-02 22:55
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.1.0 is vulnerable to SQL Injection
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.
Severity ?
7.6 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.1.0
(custom)
|
Credits
Muhammad Daffa (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:41.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-1-0-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Muhammad Daffa (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.\u003cp\u003eThis issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-31T10:17:49.210Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-1-0-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.1.1 or a higher version."
}
],
"value": "Update to\u00a08.1.1 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.1.0 is vulnerable to SQL Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-52180",
"datePublished": "2023-12-31T10:17:49.210Z",
"dateReserved": "2023-12-29T10:16:45.174Z",
"dateUpdated": "2024-08-02T22:55:41.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31076 (GCVE-0-2023-31076)
Vulnerability from nvd – Published: 2023-08-17 08:44 – Updated: 2024-09-25 16:42
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.6 is vulnerable to Cross Site Scripting (XSS)
Summary
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.0.6
(custom)
|
Credits
thiennv (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:25.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T16:14:19.607558Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:42:59.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.0.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.0.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "thiennv (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u0026lt;=\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.0.6 versions.\u003c/span\u003e"
}
],
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u003c=\u00a08.0.6 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-17T08:44:53.942Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.0.7 or a higher version."
}
],
"value": "Update to\u00a08.0.7 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.0.6 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-31076",
"datePublished": "2023-08-17T08:44:53.942Z",
"dateReserved": "2023-04-24T05:42:59.931Z",
"dateUpdated": "2024-09-25T16:42:59.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35089 (GCVE-0-2023-35089)
Vulnerability from nvd – Published: 2023-07-17 13:31 – Updated: 2024-10-07 15:13
VLAI?
Title
WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.7 versions.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Really Simple Plugins | Recipe Maker For Your Food Blog from Zip Recipes |
Affected:
n/a , ≤ 8.0.7
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:58.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:12:18.211667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T15:13:18.587Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "zip-recipes",
"product": "Recipe Maker For Your Food Blog from Zip Recipes",
"vendor": "Really Simple Plugins",
"versions": [
{
"changes": [
{
"at": "8.0.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.0.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u0026lt;=\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;8.0.7 versions.\u003c/span\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin \u003c=\u00a08.0.7 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-17T13:31:13.212Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;8.0.8 or a higher version."
}
],
"value": "Update to\u00a08.0.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin \u003c= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-35089",
"datePublished": "2023-07-17T13:31:13.212Z",
"dateReserved": "2023-06-13T15:10:42.888Z",
"dateUpdated": "2024-10-07T15:13:18.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}