CVE-2024-33538

2024-04-2908:15:06

CWE-200

[email protected]

web.nvd.nist.gov

vulnerability

fastline media llc

sensitive information

unauthorized actor

assistant

every day productivity apps

nvd

cve-2024-33538

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Fastline Media LLC Assistant – Every Day Productivity Apps.This issue affects Assistant – Every Day Productivity Apps: from n/a through 1.4.9.1.

Affected configurations

Vulners

Node

fastline_media_llcassistant_–_every_day_productivity_appsRange≤1.4.9.1

VendorProductVersionCPE
fastline_media_llcassistant_–_every_day_productivity_apps*cpe:2.3:*:fastline_media_llc:assistant_–_every_day_productivity_apps:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fastline_media_llc	assistant_–_every_day_productivity_apps	*	cpe:2.3::fastline_media_llc:assistant_–_every_day_productivity_apps::::::::*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "assistant",
    "product": "Assistant – Every Day Productivity Apps",
    "vendor": "Fastline Media LLC",
    "versions": [
      {
        "changes": [
          {
            "at": "1.4.9.2",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.4.9.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/assistant/wordpress-assistant-every-day-productivity-apps-plugin-1-4-9-1-sensitive-data-exposure-vulnerability?_s_id=cve