Lucene search
PatchstackCVE-2024-31280HistoryApr 07, 2024 - 6:15 p.m.
CVE-2024-31280
2024-04-0718:15:10
CWE-434
Patchstack
web.nvd.nist.gov
34
unrestricted upload
file type
vulnerability
church admin
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.5.
Affected configurations
Node
andy_moylechurch_adminRange≤4.1.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| andy_moyle | church_admin | * | cpe:2.3:a:andy_moyle:church_admin:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "church-admin",
"product": "Church Admin",
"vendor": "Andy Moyle",
"versions": [
{
"changes": [
{
"at": "4.1.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.1.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
Church Admin < 4.1.6 - Authenticated (Subscriber+) Arbitrary File Upload
2024-04-11 00:00:00
nvd
nvd
CVE-2024-31280
2024-04-07 18:15:10
cvelist
cvelist
wordfence
wordfence
CVSS3
9.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-31280