Lucene search
HistoryApr 10, 2024 - 4:15 p.m.
CVE-2024-31302
vulnerability
information exposure
contact form email
unauthorized actor
codepeople.
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
9.3 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44.
Affected configurations
Node
codepeoplecontact_form_emailRange≤1.3.44
| Vendor | Product | Version | CPE |
|---|---|---|---|
| codepeople | contact_form_email | * | cpe:2.3:a:codepeople:contact_form_email:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "contact-form-to-email",
"product": "Contact Form Email",
"vendor": "CodePeople",
"versions": [
{
"changes": [
{
"at": "1.3.45",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.44",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-31302
2024-04-10 16:15:14
cvelist
cvelist
wpvulndb
wpvulndb
Contact Form Email < 1.3.45 - Unauthenticated Sensitive Information Exposure
2024-04-11 00:00:00
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
9.3 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Related for CVE-2024-31302