Search

Find a vulnerability

Search criteria

    2 vulnerabilities by Kulwant Nagi

    CVE-2023-49148 (GCVE-0-2023-49148)

    Vulnerability from nvd – Published: 2023-12-18 22:08 – Updated: 2026-04-28 16:08
    VLAI
    Title
    WordPress Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates Plugin <= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF)
    Summary
    Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5.
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    References
    Impacted products
    Credits
    LEE SE HYOUNG (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:46:29.324Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/affiliatebooster-blocks/wordpress-affiliate-booster-plugin-3-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "affiliatebooster-blocks",
              "product": "Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates",
              "vendor": "Kulwant Nagi",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.5",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "LEE SE HYOUNG (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates.\u003cp\u003eThis issue affects Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:55.765Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/affiliatebooster-blocks/wordpress-affiliate-booster-plugin-3-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates Plugin \u003c= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-49148",
        "datePublished": "2023-12-18T22:08:11.992Z",
        "dateReserved": "2023-11-22T23:35:38.289Z",
        "dateUpdated": "2026-04-28T16:08:55.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-49148 (GCVE-0-2023-49148)

    Vulnerability from cvelistv5 – Published: 2023-12-18 22:08 – Updated: 2026-04-28 16:08
    VLAI
    Title
    WordPress Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates Plugin <= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF)
    Summary
    Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5.
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    Assigner
    References
    Impacted products
    Credits
    LEE SE HYOUNG (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T21:46:29.324Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/affiliatebooster-blocks/wordpress-affiliate-booster-plugin-3-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "affiliatebooster-blocks",
              "product": "Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates",
              "vendor": "Kulwant Nagi",
              "versions": [
                {
                  "lessThanOrEqual": "3.0.5",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "LEE SE HYOUNG (Patchstack Alliance)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates.\u003cp\u003eThis issue affects Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5.\u003c/p\u003e"
                }
              ],
              "value": "Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:08:55.765Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/affiliatebooster-blocks/wordpress-affiliate-booster-plugin-3-0-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress Affiliate Booster \u2013 Pros \u0026 Cons, Notice, and CTA Blocks for Affiliates Plugin \u003c= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF)",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2023-49148",
        "datePublished": "2023-12-18T22:08:11.992Z",
        "dateReserved": "2023-11-22T23:35:38.289Z",
        "dateUpdated": "2026-04-28T16:08:55.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }