A vulnerability was found in meitar Inline Google Spreadsheet Viewer Plugin up to 0.9.6 on WordPress and classified as problematic. Affected by this issue is the function displayShortcode of the file inline-gdocs-viewer.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 0.9.6.1 is able to address this issue. The patch is identified as 2a8057df8ca30adc859cecbe5cad21ac28c5b747. It is recommended to upgrade the affected component. VDB-230234 is the identifier assigned to this vulnerability.
Published 2023-05-31 19:15:12
Updated 2024-05-17 01:03:09
Source VulDB
View at NVD,   CVE.org
Vulnerability category: Cross-site request forgery (CSRF)

Products affected by CVE-2015-10108

Exploit prediction scoring system (EPSS) score for CVE-2015-10108

0.11%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 44 %
Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-10108

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
5.0
MEDIUM AV:N/AC:L/Au:N/C:N/I:P/A:N
10.0
2.9
VulDB
4.3
MEDIUM CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2.8
1.4
VulDB
4.3
MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
2.8
1.4
VulDB 2024-02-29
8.8
HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.8
5.9
NIST

CWE ids for CVE-2015-10108

  • The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
    Assigned by: cna@vuldb.com (Primary)

References for CVE-2015-10108

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!