Lucene search
PatchstackCVE-2024-43141HistoryAug 13, 2024 - 12:15 p.m.
CVE-2024-43141
2024-08-1312:15:07
CWE-502
Patchstack
web.nvd.nist.gov
22
cve-2024-43141
deserialization
untrusted data
vulnerability
roland barker
participants database
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0
Percentile
9.5%
Deserialization of Untrusted Data vulnerability in Roland Barker, xnau webdesign Participants Database allows Object Injection.This issue affects Participants Database: from n/a through 2.5.9.2.
Affected configurations
Node
roland_barker\,_xnau_webdesignparticipants_databaseRange≤2.5.9.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| roland_barker\,_xnau_webdesign | participants_database | * | cpe:2.3:a:roland_barker\,_xnau_webdesign:participants_database:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "participants-database",
"product": "Participants Database",
"vendor": "Roland Barker, xnau webdesign",
"versions": [
{
"changes": [
{
"at": "2.5.9.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.5.9.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-43141
2024-08-13 12:15:07
cvelist
cvelist
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0
Percentile
9.5%
Related for CVE-2024-43141