Lucene search
PatchstackCVELIST:CVE-2024-33627HistoryApr 29, 2024 - 7:42 a.m.
CVE-2024-33627 WordPress AGCA – Custom Dashboard & Login Page plugin <= 7.2.2 - Server Side Request Forgery (SSRF) vulnerability
2024-04-2907:42:20
CWE-918
Patchstack
www.cve.org
cve-2024-33627
server-side request forgery
absolutely glamorous custom admin
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ag-custom-admin",
"product": "Absolutely Glamorous Custom Admin",
"vendor": "Cusmin",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Absolutely Glamorous Custom Admin < 7.2.4 - Admin+ SSRF
2024-05-01 00:00:00
cve
cve
CVE-2024-33627
2024-04-29 08:15:07
nvd
nvd
CVE-2024-33627
2024-04-29 08:15:07
wordfence
wordfence
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-33627