Lucene search
PatchstackCVE-2024-30230HistoryMar 28, 2024 - 5:15 a.m.
CVE-2024-30230
2024-03-2805:15:51
CWE-502
Patchstack
web.nvd.nist.gov
27
acowebs
woocommerce
pdf invoices
deserialization
vulnerability
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7.
Affected configurations
Node
acowebsproduct_labels_for_woocommerce_\(sale_badges\)Range≤1.3.7wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| acowebs | product_labels_for_woocommerce_\(sale_badges\) | * | cpe:2.3:a:acowebs:product_labels_for_woocommerce_\(sale_badges\):*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "pdf-invoices-and-packing-slips-for-woocommerce",
"product": "PDF Invoices and Packing Slips For WooCommerce",
"vendor": "Acowebs",
"versions": [
{
"changes": [
{
"at": "1.3.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-30230