Lucene search
HistoryMay 14, 2024 - 3:37 p.m.
CVE-2024-32717
cve-2024-32717
wpdeveloper
schedulepress
missing authorization
vulnerability
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8.
Affected configurations
Node
wpdeveloperbetterlinksRange≤5.0.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| wpdeveloper | betterlinks | * | cpe:2.3:a:wpdeveloper:betterlinks:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-scheduled-posts",
"product": "SchedulePress",
"vendor": "WPDeveloper",
"versions": [
{
"changes": [
{
"at": "5.0.9",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.0.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
SchedulePress < 5.0.9 - Missing Authorization
2024-04-29 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2024-32717
2024-05-14 15:37:00
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-32717