Vulnerability Details CVE-2024-22290
Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting (XSS).This issue affects Custom Dashboard Widgets: from n/a through 1.3.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.6%
CVSS Severity
CVSS v3 Score 7.1
References
- https://patchstack.com/database/vulnerability/custom-dashboard-widgets/wordpress-custom-dashboard-widgets-plugin-1-3-1-csrf-to-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/custom-dashboard-widgets/wordpress-custom-dashboard-widgets-plugin-1-3-1-csrf-to-xss-vulnerability?_s_id=cve
Products affected by CVE-2024-22290
-
cpe:2.3:a:custom_dashboard_widgets_project:custom_dashboard_widgets:-
-
cpe:2.3:a:custom_dashboard_widgets_project:custom_dashboard_widgets:1.3.1