Lucene search

[email protected]CVE-2024-32819

HistoryApr 24, 2024 - 7:15 a.m.

CVE-2024-32819

2024-04-2407:15:47

CWE-918

[email protected]

web.nvd.nist.gov

ssrf

culqi

vulnerability

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

7.5 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

8.4%

JSON

Server-Side Request Forgery (SSRF) vulnerability in Culqi.This issue affects Culqi: from n/a through 3.0.14.

References

patchstack.com/database/vulnerability/culqi-checkout/wordpress-culqi-plugin-3-0-14-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

7.5 High

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

8.4%

JSON

Related for CVE-2024-32819

wpvulndb1 cvelist1 wordfence1