Lucene search
HistoryJun 08, 2024 - 1:15 p.m.
CVE-2024-35736
sql injection
themeisle visualizer
cve-2024-35736
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1.
Affected configurations
Node
themeislevisualizerRange≤3.11.1
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "visualizer",
"product": "Visualizer",
"vendor": "Themeisle",
"versions": [
{
"changes": [
{
"at": "3.11.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.11.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Visualizer < 3.11.2 - Authenticated (Subscriber+) SQL Injection
2024-06-13 00:00:00
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-35736
2024-06-08 13:15:55
wordfence
wordfence
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-35736