Lucene search
PatchstackCVE-2024-34815HistoryJun 11, 2024 - 5:16 p.m.
CVE-2024-34815
2024-06-1117:16:01
CWE-862
Patchstack
web.nvd.nist.gov
27
cve-2024-34815
vulnerability
codection
import
export
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS
0
Percentile
9.0%
Missing Authorization vulnerability in Codection Import and export users and customers.This issue affects Import and export users and customers: from n/a through 1.26.5.
Affected configurations
Node
codectionimport_and_export_users_and_customersRange≤1.26.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| codection | import_and_export_users_and_customers | * | cpe:2.3:a:codection:import_and_export_users_and_customers:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "import-users-from-csv-with-meta",
"product": "Import and export users and customers",
"vendor": "Codection",
"versions": [
{
"changes": [
{
"at": "1.26.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.26.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
EPSS
0
Percentile
9.0%
Related for CVE-2024-34815