Lucene search
PatchstackCVE-2024-24715HistoryMay 17, 2024 - 9:15 a.m.
CVE-2024-24715
2024-05-1709:15:22
CWE-1284
Patchstack
web.nvd.nist.gov
41
cve-2024-24715
reserved
security problem
announcement
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
Improper Validation of Specified Quantity in Input vulnerability in The Events Calendar BookIt allows Manipulating Hidden Fields.This issue affects BookIt: from n/a through 2.4.0.
Affected configurations
Node
the_events_calendarbookitRange≤2.4.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| the_events_calendar | bookit | * | cpe:2.3:a:the_events_calendar:bookit:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "bookit",
"product": "BookIt",
"vendor": "The Events Calendar",
"versions": [
{
"changes": [
{
"at": "2.4.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.4.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-24715
2024-05-17 09:15:22
wpvulndb
wpvulndb
BookIt <= 2.4.0 - Price Bypass
2024-02-06 00:00:00
wordfence
wordfence
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-24715