CVE-2023-51486

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

ross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce PDF Invoice Builder.This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101.

References

Link	Resource
https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Third Party Advisory
https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:rednao:woocommerce_pdf_invoice_builder:*:*:*:*:*:wordpress:*:*

History

27 Feb 2025, 03:24

Type	Values Removed	Values Added
First Time		Rednao woocommerce Pdf Invoice Builder Rednao
References	() https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve -	() https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve - Third Party Advisory
CPE		cpe:2.3:a:rednao:woocommerce_pdf_invoice_builder::::::wordpress::*

21 Nov 2024, 08:38

Type	Values Removed	Values Added
References	() https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve -	() https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-create-invoices-packing-slips-and-more-plugin-1-2-101-cross-site-request-forgery-csrf-vulnerability?_s_id=cve -

Information

Published : 2024-03-16 02:15

Updated : 2025-02-27 03:24

NVD link : CVE-2023-51486

Mitre link : CVE-2023-51486

CVE.ORG link : CVE-2023-51486

JSON object : View

Products Affected

rednao

woocommerce_pdf_invoice_builder

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

5.4 /10