Vulnerability identifier: #VU24724

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-8417

CWE-ID: CWE-352

Exploitation vector: Network

Exploits in database: 4

• February 21, 2021
  • WordPress_CVE-2020-8417 (CSRF Code snippet vulnerability CVE-2020-8417) [Github]
• January 3, 2021
  • codesnippets_CVE-2020-8417 () [Github]
• June 3, 2020
  • wp-codesnippets-cve-2020-8417 (Docker repository with a PoC for WP Code Snippets 2.13.3 (CVE-2020-8417)) [Github]
  • CVE-2020-8417 () [Github]

Impact: Information disclosure and data manipulation

Vulnerable software:
Code Snippets
Web applications / Modules and components for CMS

Vendor: Shea Bunge