CVE-2023-48290

EPSS 0.11%
Published 04.06.2024 11:15:48
Last modified 21.11.2024 08:31:24
Source audit@patchstack.com
Teams watchlist Login
Open Login

Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through 1.15.20.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

10web ≫ Form Maker SwPlatformwordpress Version < 1.15.21

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.308

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
audit@patchstack.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-307 Improper Restriction of Excessive Authentication Attempts

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

https://patchstack.com/database/vulnerability/form-maker/wordpress-form-maker-by-10web-plugin-1-15-20-captcha-bypass-vulnerability-vulnerability?_s_id=cve

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-48290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-48290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-48290

EUVD