Lucene search
PatchstackCVE-2024-33944HistoryMay 02, 2024 - 1:15 p.m.
CVE-2024-33944
2024-05-0213:15:26
CWE-862
Patchstack
web.nvd.nist.gov
33
cve-2024-33944
missing authorization
kestrel
woocommerce
aweber
newsletter subscription
vulnerability
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Missing Authorization vulnerability in Kestrel WooCommerce AWeber Newsletter Subscription.This issue affects WooCommerce AWeber Newsletter Subscription: from n/a through 4.0.2.
Affected configurations
Node
kestrelwoocommerce_aweber_newsletter_subscriptionRangeβ€4.0.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kestrel | woocommerce_aweber_newsletter_subscription | * | cpe:2.3:a:kestrel:woocommerce_aweber_newsletter_subscription:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WooCommerce AWeber Newsletter Subscription",
"vendor": "Kestrel",
"versions": [
{
"changes": [
{
"at": "4.0.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.0.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-33944
2024-05-02 13:15:26
wpvulndb
wpvulndb
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-33944