Lucene search

CVE-2024-37497

🗓️ 09 Jul 2024 12:14:15Reported by PatchstackType

Improper Pathname Limitation in Crocoblock JetThemeCore allowing File Manipulatio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2024-37497	9 Jul 202412:15	–	nvd
Patchstack	WordPress JetThemeCore Plugin < 2.2.1 is vulnerable to Arbitrary File Deletion	4 Jul 202400:00	–	patchstack
Vulnrichment	CVE-2024-37497 WordPress JetThemeCore plugin < 2.2.1 - Subscriber+ Arbitrary File Deletion vulnerability	9 Jul 202411:49	–	vulnrichment
Cvelist	CVE-2024-37497 WordPress JetThemeCore plugin < 2.2.1 - Subscriber+ Arbitrary File Deletion vulnerability	9 Jul 202411:49	–	cvelist
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)	11 Jul 202415:09	–	wordfence

Vulners

Node

crocoblock jetthemecoreRange<2.2.1wordpress

[
  {
    "defaultStatus": "unaffected",
    "product": "JetThemeCore",
    "vendor": "Crocoblock",
    "versions": [
      {
        "changes": [
          {
            "at": "2.2.1",
            "status": "unaffected"
          }
        ],
        "lessThan": "2.2.1",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/jet-theme-core/wordpress-jetthemecore-plugin-2-2-1-subscriber-arbitrary-file-deletion-vulnerability

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jul 2024 12:15Current

7.7High risk

Vulners AI Score7.7

CVSS37.7

EPSS0.00176

SSVC

CWE-22