Lucene search
PatchstackCVE-2024-23512HistoryFeb 12, 2024 - 9:15 a.m.
CVE-2024-23512
2024-02-1209:15:11
CWE-502
Patchstack
web.nvd.nist.gov
23
cve-2024-23512
vulnerability
deserialization
untrusted data
wpxpo
productx
woocommerce builder
gutenberg woocommerce blocks
nvd
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9
Confidence
High
EPSS
0
Percentile
9.0%
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks.This issue affects ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks: from n/a through 3.1.4.
Affected configurations
Node
wpxpopostx_-_gutenberg_blocks_for_post_gridRange≤3.1.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpxpo | postx_-_gutenberg_blocks_for_post_grid | * | cpe:2.3:a:wpxpo:postx_-_gutenberg_blocks_for_post_grid:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "product-blocks",
"product": "ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks",
"vendor": "wpxpo",
"versions": [
{
"changes": [
{
"at": "3.1.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.1.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Deserialization of untrusted data
2024-02-12 09:15:00
nvd
nvd
CVE-2024-23512
2024-02-12 09:15:11
wpvulndb
wpvulndb
cvelist
cvelist
wordfence
wordfence
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
AI Score
9
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-23512