CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-23837

A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://get-simple.info/extend/plugin/multi-user/133/
https://www.exploit-db.com/exploits/48745
http://get-simple.info/extend/plugin/multi-user/133/
https://www.exploit-db.com/exploits/48745

Products affected by CVE-2020-23837

Multi User Project » Multi User » Version: 1.8.2

cpe:2.3:a:multi_user_project:multi_user:1.8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-23837

Products

Pricing

Contact Us