Lucene search

PatchstackCVELIST:CVE-2024-31229

HistoryApr 18, 2024 - 10:28 a.m.

CVE-2024-31229 WordPress Really Simple SSL plugin <= 7.2.3 - Server Side Request Forgery (SSRF) vulnerability

2024-04-1810:28:28

CWE-918

Patchstack

www.cve.org

cve-2024-31229 wordpress

ssl

ssrf

vulnerability

5.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

9.0%

JSON

Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "really-simple-ssl",
    "product": "Really Simple SSL",
    "vendor": "Really Simple Plugins",
    "versions": [
      {
        "changes": [
          {
            "at": "8.0.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "7.2.3",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/really-simple-ssl/wordpress-really-simple-ssl-plugin-7-2-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

5.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-31229