Lucene search

[email protected]CVE-2024-30481

HistoryJun 09, 2024 - 11:15 a.m.

CVE-2024-30481

2024-06-0911:15:51

[email protected]

web.nvd.nist.gov

cve-2024-30481

samuel marshall

broken access control

jch optimize

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Broken Access Control vulnerability in Samuel Marshall JCH Optimize.This issue affects JCH Optimize: from n/a through 4.0.0.

Affected configurations

Vulners

Node

samuel_marshalljch_optimizeRange≤4.0.0

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "jch-optimize",
    "product": "JCH Optimize",
    "vendor": "Samuel Marshall",
    "versions": [
      {
        "changes": [
          {
            "at": "4.0.1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.0.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/jch-optimize/wordpress-jch-optimize-plugin-4-0-0-broken-access-control-vulnerability?_s_id=cve

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2024-30481

vulnrichment1 nvd1 cvelist1