Aggregates CVE and security vulnerability intelligence across all infigosoftware-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-0763 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack | [email protected] | 4.3 | 0.06% | 2023-05-15 | 2025-01-24 |
| CVE-2023-0762 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack | [email protected] | 4.3 | 0.07% | 2023-05-15 | 2025-01-24 |
| CVE-2023-0761 | The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack | [email protected] | 4.3 | 0.07% | 2023-05-15 | 2025-01-24 |