CVSS 3.1 Score 4.3 of 10 (medium)


Published Apr 24, 2024
CWE ID 352


CVE-2024-32728 is a Cross-Site Request Forgery (CSRF) vulnerability that affects Cozmoslabs Paid Member Subscriptions versions up to 2.11.0. The vulnerability has a base severity rating of MEDIUM and requires user interaction over a network. It does not require any privileges and has a low impact on integrity and confidentiality. The vulnerability can be exploited by an attacker to forge requests on behalf of authenticated users, potentially leading to unauthorized actions being performed within the affected organization's system. The exploitability score is 2.8, and the base score is 4.3 according to CVSS version 3.1. No specific information regarding remediation or potential danger beyond the mentioned impact is provided in the source text for this vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-32728 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options