Lucene search
HistoryApr 24, 2024 - 11:15 a.m.
CVE-2024-32808
cve-2024-32808
authorization bypass
metagauss profilegrid
profilegrid
vulnerability
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
Affected configurations
Node
metagaussprofilegridRange≤5.7.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| metagauss | profilegrid | * | cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "profilegrid-user-profiles-groups-and-communities",
"product": "ProfileGrid ",
"vendor": "Metagauss",
"versions": [
{
"changes": [
{
"at": "5.8.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.7.9",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.0%
Related for CVE-2024-32808