Lucene search
PatchstackCVE-2024-34800HistoryJun 10, 2024 - 4:15 p.m.
CVE-2024-34800
2024-06-1016:15:14
CWE-306
Patchstack
web.nvd.nist.gov
29
aruphash crafthemes
missing authentication
vulnerability
functionality misuse
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
EPSS
0
Percentile
9.0%
Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3.
Affected configurations
Node
aruphashcrafthemes_demo_importRange≤3.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| aruphash | crafthemes_demo_import | * | cpe:2.3:a:aruphash:crafthemes_demo_import:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "crafthemes-demo-import",
"product": "Crafthemes Demo Import",
"vendor": "Aruphash",
"versions": [
{
"lessThanOrEqual": "3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
cvelist
cvelist
wpvulndb
wpvulndb
nvd
nvd
CVE-2024-34800
2024-06-10 16:15:14
wordfence
wordfence
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
EPSS
0
Percentile
9.0%
Related for CVE-2024-34800