Lucene search
PatchstackCVE-2024-32717HistoryMay 14, 2024 - 3:37 p.m.
CVE-2024-32717
2024-05-1415:37:00
CWE-862
Patchstack
web.nvd.nist.gov
38
cve-2024-32717
wpdeveloper
schedulepress
missing authorization
vulnerability
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8.
Affected configurations
Node
wpdeveloperreviewxRange≤5.0.8wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpdeveloper | reviewx | * | cpe:2.3:a:wpdeveloper:reviewx:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-scheduled-posts",
"product": "SchedulePress",
"vendor": "WPDeveloper",
"versions": [
{
"changes": [
{
"at": "5.0.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
SchedulePress < 5.0.9 - Missing Authorization
2024-04-29 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2024-32717
2024-05-14 15:37:00
wordfence
wordfence
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-32717