Lucene search
PatchstackCVE-2024-37952HistoryJul 09, 2024 - 1:15 p.m.
CVE-2024-37952
2024-07-0913:15:10
CWE-269
Patchstack
web.nvd.nist.gov
27
wordpress
bookyourtravel
privilege escalation
cve-2024-37952
vulnerability
theme
improper privilege management
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
20.0%
Improper Privilege Management vulnerability in themeenergy BookYourTravel allows Privilege Escalation.This issue affects BookYourTravel: from n/a through 8.18.17.
Affected configurations
Node
themeenergybook_your_travelRange≤8.18.17wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| themeenergy | book_your_travel | * | cpe:2.3:a:themeenergy:book_your_travel:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "BookYourTravel",
"vendor": "themeenergy",
"versions": [
{
"changes": [
{
"at": "8.18.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.18.17",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-37952
2024-07-09 13:15:10
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.001
Percentile
20.0%
Related for CVE-2024-37952