{"api_version":"1","generated_at":"2026-04-21T16:10:43+00:00","cve":"CVE-2023-25989","urls":{"html":"https://cve.report/CVE-2023-25989","api":"https://cve.report/api/cve/CVE-2023-25989.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-25989","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-25989"},"summary":{"title":"CVE-2023-25989","description":"Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.","state":"PUBLIC","assigner":"audit@patchstack.com","published_at":"2023-10-03 12:15:00","updated_at":"2023-10-16 17:45:00"},"problem_types":["CWE-352"],"metrics":[],"references":[{"url":"https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Easy Ads Widget plugin <= 2.0.7 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-themeforest-smart-widget/wordpress-meks-themeforest-smart-widget-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-themeforest-smart-widget/wordpress-meks-themeforest-smart-widget-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks ThemeForest Smart Widget plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Audio Player plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-smart-social-widget/wordpress-meks-smart-social-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-smart-social-widget/wordpress-meks-smart-social-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Smart Social Widget plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-easy-instagram-widget/wordpress-meks-easy-photo-feed-widget-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-easy-instagram-widget/wordpress-meks-easy-photo-feed-widget-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Easy Photo Feed Widget plugin <= 1.2.7 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-easy-maps/wordpress-meks-easy-maps-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-easy-maps/wordpress-meks-easy-maps-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Easy Maps plugin <= 2.1.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-time-ago/wordpress-meks-time-ago-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-time-ago/wordpress-meks-time-ago-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Time Ago plugin <= 1.1.6 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-video-importer/wordpress-meks-video-importer-plugin-1-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-video-importer/wordpress-meks-video-importer-plugin-1-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Video Importer plugin <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Smart Author Widget plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://patchstack.com/database/vulnerability/meks-simple-flickr-widget/wordpress-meks-simple-flickr-widget-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","name":"https://patchstack.com/database/vulnerability/meks-simple-flickr-widget/wordpress-meks-simple-flickr-widget-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","tags":[],"title":"WordPress Meks Simple Flickr Widget plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-25989","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25989","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_audio_player","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"2.0.7","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_easy_ads_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"2.1.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_easy_maps","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.2.7","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_easy_photo_feed_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_simple_flickr_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.1.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_smart_author_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_smart_social_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.4","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_themeforest_smart_widget","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.1.6","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_time_ago","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"25989","vulnerable":"1","versionEndIncluding":"1.0.10","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mekshq","cpe5":"meks_video_importer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"wordpress","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-25989","ASSIGNER":"audit@patchstack.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-352 Cross-Site Request Forgery (CSRF)","cweId":"CWE-352"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Meks","product":{"product_data":[{"product_name":"Meks Video Importer","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.0.11","status":"unaffected"}],"lessThanOrEqual":"1.0.10","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Time Ago","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.1.7","status":"unaffected"}],"lessThanOrEqual":"1.1.6","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks ThemeForest Smart Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.5","status":"unaffected"}],"lessThanOrEqual":"1.4","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Smart Author Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.1.4","status":"unaffected"}],"lessThanOrEqual":"1.1.3","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Audio Player","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.3","status":"unaffected"}],"lessThanOrEqual":"1.2","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Easy Maps","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"2.1.4","status":"unaffected"}],"lessThanOrEqual":"2.1.3","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Easy Photo Feed Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.2.8","status":"unaffected"}],"lessThanOrEqual":"1.2.7","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Simple Flickr Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.3","status":"unaffected"}],"lessThanOrEqual":"1.2","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Easy Ads Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"2.0.8","status":"unaffected"}],"lessThanOrEqual":"2.0.7","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Meks Smart Social Widget","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"changes":[{"at":"1.6.1","status":"unaffected"}],"lessThanOrEqual":"1.6","status":"affected","version":"n/a","versionType":"custom"}],"defaultStatus":"unaffected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://patchstack.com/database/vulnerability/meks-video-importer/wordpress-meks-video-importer-plugin-1-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-video-importer/wordpress-meks-video-importer-plugin-1-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-time-ago/wordpress-meks-time-ago-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-time-ago/wordpress-meks-time-ago-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-themeforest-smart-widget/wordpress-meks-themeforest-smart-widget-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-themeforest-smart-widget/wordpress-meks-themeforest-smart-widget-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-easy-maps/wordpress-meks-easy-maps-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-easy-maps/wordpress-meks-easy-maps-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-easy-instagram-widget/wordpress-meks-easy-photo-feed-widget-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-easy-instagram-widget/wordpress-meks-easy-photo-feed-widget-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-simple-flickr-widget/wordpress-meks-simple-flickr-widget-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-simple-flickr-widget/wordpress-meks-simple-flickr-widget-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"},{"url":"https://patchstack.com/database/vulnerability/meks-smart-social-widget/wordpress-meks-smart-social-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","refsource":"MISC","name":"https://patchstack.com/database/vulnerability/meks-smart-social-widget/wordpress-meks-smart-social-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"EXTERNAL"},"solution":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update&nbsp;Meks Video Importer to&nbsp;1.0.11 or a higher version.<br>"}],"value":"Update Meks Video Importer to 1.0.11 or a higher version.\n"},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update&nbsp;Meks Time Ago to 1.1.7 or a higher version."}],"value":"Update Meks Time Ago to 1.1.7 or a higher version."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks ThemeForest Smart Widget to 1.5 or a higher version."}],"value":"Update Meks ThemeForest Smart Widget to 1.5 or a higher version."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks Smart Author Widget to 1.1.4 or a higher version.<br>"}],"value":"Update Meks Smart Author Widget to 1.1.4 or a higher version.\n"},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update&nbsp;Meks Audio Player to 1.3 or a higher version."}],"value":"Update Meks Audio Player to 1.3 or a higher version."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks Easy Maps to 2.1.4 or a higher version.<br>"}],"value":"Update Meks Easy Maps to 2.1.4 or a higher version.\n"},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks Easy Photo Feed Widget to 1.2.8 or a higher version.<br>"}],"value":"Update Meks Easy Photo Feed Widget to 1.2.8 or a higher version.\n"},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update&nbsp;Meks Simple Flickr Widget to 1.3 or a higher version."}],"value":"Update Meks Simple Flickr Widget to 1.3 or a higher version."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks Easy Ads Widget to&nbsp;2.0.8 or a higher version."}],"value":"Update Meks Easy Ads Widget to 2.0.8 or a higher version."},{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update Meks Smart Social Widget to&nbsp;1.6.1 or a higher version."}],"value":"Update Meks Smart Social Widget to 1.6.1 or a higher version."}],"credits":[{"lang":"en","value":"Muhammad Daffa (Patchstack Alliance)"}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-10-03 12:15:00","lastModifiedDate":"2023-10-16 17:45:00","problem_types":["CWE-352"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_video_importer:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.0.10","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_time_ago:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.1.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_themeforest_smart_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_smart_social_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_smart_author_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.1.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_simple_flickr_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_easy_maps:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"2.1.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_easy_photo_feed_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.2.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_easy_ads_widget:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"2.0.7","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mekshq:meks_audio_player:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}