Lucene search
PatchstackCVE-2024-33641HistoryApr 29, 2024 - 8:15 a.m.
CVE-2024-33641
2024-04-2908:15:08
CWE-502
Patchstack
web.nvd.nist.gov
25
cve-2024-33641
untrusted data
custom field finder
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3.
Affected configurations
Node
team_yoastcustom_field_finderRange≤0.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| team_yoast | custom_field_finder | * | cpe:2.3:a:team_yoast:custom_field_finder:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "custom-field-finder",
"product": "Custom field finder",
"vendor": "Team Yoast",
"versions": [
{
"changes": [
{
"at": "0.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "0.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
Custom field finder < 0.4 - Authenticated (Author+) PHP Object Injection
2024-05-01 00:00:00
nvd
nvd
CVE-2024-33641
2024-04-29 08:15:08
vulnrichment
vulnrichment
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-33641