Lucene search
PatchstackCVE-2023-41954HistoryMay 17, 2024 - 7:15 a.m.
CVE-2023-41954
2024-05-1707:15:59
CWE-269
Patchstack
web.nvd.nist.gov
31
cve-2023-41954
reserved
future
security
problem
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1.
Affected configurations
Node
profilepress_membership_teamprofilepressRange≤4.13.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| profilepress_membership_team | profilepress | * | cpe:2.3:a:profilepress_membership_team:profilepress:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-user-avatar",
"product": "ProfilePress",
"vendor": "ProfilePress Membership Team",
"versions": [
{
"changes": [
{
"at": "4.13.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.13.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
wpvulndb
wpvulndb
vulnrichment
vulnrichment
nvd
nvd
CVE-2023-41954
2024-05-17 07:15:59
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
AI Score
6.8
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-41954