CVE-2024-31363

Source
https://cve.org/CVERecord?id=CVE-2024-31363
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31363.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-31363
Published
2024-04-12T12:21:21.564Z
Modified
2026-07-08T06:27:25.652315774Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator
Summary
WordPress LifterLMS plugin <= 7.5.0 - Cross Site Request Forgery (CSRF) vulnerability
Details

Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "7.5.0"
                }
            ]
        },
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "fixed": "7.5.0"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/31xxx/CVE-2024-31363.json",
    "cwe_ids": [
        "CWE-352"
    ],
    "cna_assigner": "Patchstack"
}
References

Affected packages

Git / github.com/gocodebox/lifterlms

Affected ranges

Type
GIT
Repo
https://github.com/gocodebox/lifterlms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:lifterlms:lifterlms:*:*:*:*:*:wordpress:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "7.5.1"
        }
    ]
}

Affected versions

1.*
1.0.0
1.1.1
1.2.4
1.2.5
1.2.6
1.3.0
1.3.10
1.3.2
1.3.4
1.3.5
1.3.6
1.3.7
1.3.8
1.3.9
1.4.0
3.*
3.0.0-beta.1
3.0.0-beta.2
3.0.0-beta.3
3.0.0-beta.4
3.0.0-beta.5
3.20.0-beta.1
@lifterlms/brand@0.*
@lifterlms/brand@0.0.1
@lifterlms/brand@0.0.2
@lifterlms/dev@0.*
@lifterlms/dev@0.0.4-alpha.0
@lifterlms/llms-e2e-test-utils@1.*
@lifterlms/llms-e2e-test-utils@1.1.1
@lifterlms/llms-e2e-test-utils@2.*
@lifterlms/llms-e2e-test-utils@2.0.0
@lifterlms/llms-e2e-test-utils@2.1.0
@lifterlms/llms-e2e-test-utils@2.1.2
@lifterlms/llms-e2e-test-utils@2.1.3
@lifterlms/llms-e2e-test-utils@2.2.2
@lifterlms/llms-e2e-test-utils@2.2.3
@lifterlms/llms-e2e-test-utils@3.*
@lifterlms/llms-e2e-test-utils@3.2.0
@lifterlms/scripts@1.*
@lifterlms/scripts@1.2.0
@lifterlms/scripts@1.2.1
@lifterlms/scripts@1.2.3
@lifterlms/scripts@1.2.4
@lifterlms/scripts@1.3.0
@lifterlms/scripts@1.3.1
@lifterlms/scripts@1.3.2
@lifterlms/scripts@1.3.5
@lifterlms/scripts@1.3.7
@lifterlms/scripts@2.*
@lifterlms/scripts@2.2.0
llms-e2e-test-utils@1.*
llms-e2e-test-utils@1.0.0
llms-e2e-test-utils@1.0.1
llms-e2e-test-utils@1.1.0
v1.*
v1.3.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31363.json"