CVE-2023-48290

EPSS 0.11%
Veröffentlicht 04.06.2024 11:15:48
Zuletzt bearbeitet 21.11.2024 08:31:24
Quelle audit@patchstack.com
Teams Watchlist Login
Unerledigt Login

Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through 1.15.20.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

10web ≫ Form Maker SwPlatformwordpress Version < 1.15.21

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.11%	0.308

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
audit@patchstack.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-307 Improper Restriction of Excessive Authentication Attempts

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.

https://patchstack.com/database/vulnerability/form-maker/wordpress-form-maker-by-10web-plugin-1-15-20-captcha-bypass-vulnerability-vulnerability?_s_id=cve

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-48290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-48290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-48290

EUVD