Lucene search
PatchstackCVELIST:CVE-2024-31302HistoryApr 10, 2024 - 3:32 p.m.
CVE-2024-31302 WordPress Contact Form Email plugin <= 1.3.44 - Sensitive Data Exposure vulnerability
2024-04-1015:32:41
CWE-200
Patchstack
www.cve.org
wordpress
contact form
sensitive data
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "contact-form-to-email",
"product": "Contact Form Email",
"vendor": "CodePeople",
"versions": [
{
"changes": [
{
"at": "1.3.45",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.44",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-31302
2024-04-10 16:15:14
wpvulndb
wpvulndb
Contact Form Email < 1.3.45 - Unauthenticated Sensitive Information Exposure
2024-04-11 00:00:00
cve
cve
CVE-2024-31302
2024-04-10 16:15:14
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.1%
Related for CVELIST:CVE-2024-31302