CVE-2024-50466

{"id": "CVE-2024-50466", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-10-29T17:15:04.640", "references": [{"url": "https://patchstack.com/database/vulnerability/darkmysite/wordpress-darkmysite-advanced-dark-mode-plugin-for-wordpress-plugin-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "audit@patchstack.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite \u2013 Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite \u2013 Advanced Dark Mode Plugin for WordPress: from n/a through 1.2.8."}, {"lang": "es", "value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en DarkMySite DarkMySite \u2013 Advanced Dark Mode Plugin para WordPress darkmysite permite Cross-Site Request Forgery. Este problema afecta a DarkMySite \u2013 Advanced Dark Mode Plugin para WordPress: desde n/a hasta 1.2.8."}], "lastModified": "2024-11-06T23:13:58.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:darkmysite:darkmysite:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "3AFC4933-1BFC-4A16-BB81-310520A4557A", "versionEndIncluding": "1.2.8"}], "operator": "OR"}]}], "sourceIdentifier": "audit@patchstack.com"}