Lucene search

K
cve[email protected]CVE-2023-37972
HistoryNov 30, 2023 - 3:15 p.m.

CVE-2023-37972

2023-11-3015:15:07
CWE-200
web.nvd.nist.gov
11
cve
2023
37972
exposure
sensitive information
unauthorized actor
multivendorx
product stock manager
notifier
woocommerce

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.2%

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1.

Affected configurations

Vulners
NVD
Node
multivendorxproduct_stock_manager_\&_notifier_for_woocommerceRange≀2.0.1
VendorProductVersionCPE
multivendorxproduct_stock_manager_\&_notifier_for_woocommerce*cpe:2.3:a:multivendorx:product_stock_manager_\&_notifier_for_woocommerce:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "woocommerce-product-stock-alert",
    "product": "Product Stock Manager & Notifier for WooCommerce",
    "vendor": "MultiVendorX",
    "versions": [
      {
        "changes": [
          {
            "at": "2.0.2",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.0.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

37.2%

Related for CVE-2023-37972