Lucene search
PatchstackCVE-2023-37972HistoryNov 30, 2023 - 3:15 p.m.
CVE-2023-37972
2023-11-3015:15:07
CWE-200
Patchstack
web.nvd.nist.gov
14
cve
2023
37972
exposure
sensitive information
unauthorized actor
multivendorx
product stock manager
notifier
woocommerce
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.2%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1.
Affected configurations
Node
multivendorxproduct_stock_manager_\&_notifier_for_woocommerceRange<2.0.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| multivendorx | product_stock_manager_\&_notifier_for_woocommerce | * | cpe:2.3:a:multivendorx:product_stock_manager_\&_notifier_for_woocommerce:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "woocommerce-product-stock-alert",
"product": "Product Stock Manager & Notifier for WooCommerce",
"vendor": "MultiVendorX",
"versions": [
{
"changes": [
{
"at": "2.0.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-37972
2023-11-30 15:15:07
prion
prion
Code injection
2023-11-30 15:15:00
cvelist
cvelist
wordfence
wordfence
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.2%
Related for CVE-2023-37972