Lucene search
HistoryJan 24, 2024 - 12:15 p.m.
CVE-2024-22308
cve-2024-22308
url redirection
open redirect
smp7
wp.insider simple membership
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%
URL Redirection to Untrusted Site (βOpen Redirectβ) vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1.
Affected configurations
Node
smp7\,_wp.insidersimple_membershipRangeβ€4.4.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| simple-membership-plugin:simple_membership | simple-membership-plugin simple membership | lt | 4.4.2 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "simple-membership",
"product": "Simple Membership",
"vendor": "smp7, wp.insider",
"versions": [
{
"changes": [
{
"at": "4.4.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.4.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Simple Membership < 4.4.2 - Open Redirect
2024-01-24 00:00:00
cvelist
cvelist
prion
prion
Open redirect
2024-01-24 12:15:00
nvd
nvd
CVE-2024-22308
2024-01-24 12:15:58
wordfence
wordfence
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%
Related for CVE-2024-22308