Lucene search
HistoryApr 07, 2024 - 6:15 p.m.
CVE-2024-31277
cve-2024-31277
untrusted data
pickplugins product designer
deserialization
vulnerability
nvd
8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32.
Affected configurations
Node
pickpluginsproduct_slider_for_woocommerceRange≤1.0.32
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pickplugins | product_slider_for_woocommerce | * | cpe:2.3:a:pickplugins:product_slider_for_woocommerce:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "product-designer",
"product": "Product Designer",
"vendor": "PickPlugins",
"versions": [
{
"changes": [
{
"at": "1.0.33",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.32",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-31277
2024-04-07 18:15:10
cvelist
cvelist
wpvulndb
wpvulndb
Product Designer < 1.0.33 - Unauthenticated PHP Object Injection
2024-04-11 00:00:00
wordfence
wordfence
8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.3 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-31277