Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| David Hamilton | OrangeBox | unaffected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Wordpress | Wordpress | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-3432 | Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. |
Fri, 17 Jan 2025 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jan 2025 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Cross-Site Request Forgery (CSRF) vulnerability in David Hamilton OrangeBox allows Cross Site Request Forgery.This issue affects OrangeBox: from n/a through 3.0.0. | |
| Title | WordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerability | |
| Weaknesses | CWE-352 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2025-01-17T18:01:13.797Z
Reserved: 2025-01-16T11:30:21.147Z
Link: CVE-2025-23800
Vulnrichment
Updated: 2025-01-17T17:50:44.888Z
NVD
Status : Received
Published: 2025-01-16T21:15:21.040
Modified: 2025-01-16T21:15:21.040
Link: CVE-2025-23800
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-12T22:16:07Z