{"id":6854,"date":"2025-06-14T04:28:13","date_gmt":"2025-06-14T04:28:13","guid":{"rendered":"http:\/\/localhost\/?p=6854"},"modified":"2025-06-14T04:28:13","modified_gmt":"2025-06-14T04:28:13","slug":"easy-flashcards-01-cross-site-request-forgery-to-stored-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=6854","title":{"rendered":"Easy Flashcards <= 0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nEasy Flashcards <= 0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-14T08:23:23.104Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nsagesony<\/td>\n<\/tr>\n
Product<\/th>\nEasy Flashcards<\/td>\n<\/tr>\n
Version<\/th>\n*<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n6.1 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:L\/I:L\/A:N<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThe Easy Flashcards WordPress plugin is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 0.1. This vulnerability allows unauthenticated attackers to update settings and inject malicious scripts via forged requests, potentially compromising site integrity if an administrator is tricked into clicking a malicious link.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nsagesony<\/td>\n<\/tr>\n
Product<\/th>\nEasy Flashcards<\/td>\n<\/tr>\n
Affected Version<\/th>\n0.1<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n