Lucene search

[email protected]CVE-2024-32509

HistoryApr 17, 2024 - 8:15 a.m.

CVE-2024-32509

2024-04-1708:15:06

CWE-862

[email protected]

web.nvd.nist.gov

authorization

vulnerability

loopus wp cost estimation

payment forms builder

nvd

cve-2024-32509

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

7.4 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.7%

JSON

Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76.

References

patchstack.com/database/vulnerability/wp-estimation-form/wordpress-wp-cost-estimation-payment-forms-builder-plugin-10-1-76-broken-access-control-vulnerability?_s_id=cve

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

7.4 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

8.7%

JSON

Related for CVE-2024-32509

cvelist1 wpvulndb1 wordfence1