Lucene search
PatchstackCVE-2024-32835HistoryApr 24, 2024 - 8:15 a.m.
CVE-2024-32835
2024-04-2408:15:41
CWE-502
Patchstack
web.nvd.nist.gov
34
webtoffee
wordpress users
deserialization
vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a through 2.5.3.
Affected configurations
Node
webtoffeeimport_export_wordpress_usersRange≤2.5.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| webtoffee | import_export_wordpress_users | * | cpe:2.3:a:webtoffee:import_export_wordpress_users:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "users-customers-import-export-for-wp-woocommerce",
"product": "Import Export WordPress Users",
"vendor": "WebToffee",
"versions": [
{
"changes": [
{
"at": "2.5.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.5.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-32835
2024-04-24 08:15:41
cvelist
cvelist
wpvulndb
wpvulndb
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-32835