Lucene search

[email protected]CVE-2024-33592

HistoryApr 25, 2024 - 3:16 p.m.

CVE-2024-33592

2024-04-2515:16:04

CWE-918

[email protected]

web.nvd.nist.gov

ssrf

softlab radio player

nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.8%

JSON

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.

Affected configurations

Vulners

Node

softlabradio_playerRange≤2.0.73

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "radio-player",
    "product": "Radio Player",
    "vendor": "SoftLab",
    "versions": [
      {
        "changes": [
          {
            "at": "2.0.74",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.0.73",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/radio-player/wordpress-radio-player-plugin-2-0-73-server-side-request-forgery-ssrf-vulnerability?_s_id=cve

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.8%

JSON

Related for CVE-2024-33592

nvd1 wpvulndb1 cvelist1 wordfence1