Lucene search

[email protected]CVE-2024-24867

HistoryMar 17, 2024 - 4:15 p.m.

CVE-2024-24867

2024-03-1716:15:08

CWE-200

[email protected]

web.nvd.nist.gov

cve-2024-24867

vulnerability

information security

wp visitor statistics

real time traffic

unauthorized access

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.

Affected configurations

Vulners

Node

osamaeshwp_visitor_statistics_\(real_time_traffic\)Range≤6.9.4

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-stats-manager",
    "product": "WP Visitor Statistics (Real Time Traffic)",
    "vendor": "Osamaesh",
    "versions": [
      {
        "changes": [
          {
            "at": "6.9.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.9.4",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability?_s_id=cve

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-24867

cvelist1 wpvulndb1 nvd1 wordfence1