Vulnerabilities > CVE-2024-22290 - Unspecified vulnerability in Custom Dashboard Widgets Project Custom Dashboard Widgets 1.3.1

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

custom-dashboard-widgets-project

NVD

Published: 2024-01-31

Updated: 2024-11-21

Summary

Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting (XSS).This issue affects Custom Dashboard Widgets: from n/a through 1.3.1.

Vulnerable Configurations

Part	Description	Count
Application	Custom_Dashboard_Widgets_Project Custom Dashboard Widgets Project Custom Dashboard Widgets - Custom Dashboard Widgets Project Custom Dashboard Widgets 1.3.1	2

References

https://patchstack.com/database/vulnerability/custom-dashboard-widgets/wordpress-custom-dashboard-widgets-plugin-1-3-1-csrf-to-xss-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/custom-dashboard-widgets/wordpress-custom-dashboard-widgets-plugin-1-3-1-csrf-to-xss-vulnerability?_s_id=cve