Lucene search

K
cvePatchstackCVE-2024-48026
HistoryOct 16, 2024 - 2:15 p.m.

CVE-2024-48026

2024-10-1614:15:06
CWE-502
Patchstack
web.nvd.nist.gov
30
grayson robbins
disc golf manager
object injection

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0

Percentile

9.7%

Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows Object Injection.This issue affects Disc Golf Manager: from n/a through 1.0.0.

Affected configurations

Vulners
Vulnrichment
Node
grayson_robbinsdisc_golf_managerRange1.0.0wordpress
VendorProductVersionCPE
grayson_robbinsdisc_golf_manager*cpe:2.3:a:grayson_robbins:disc_golf_manager:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "disc-golf-manager",
    "product": "Disc Golf Manager",
    "vendor": "Grayson Robbins",
    "versions": [
      {
        "lessThanOrEqual": "1.0.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0

Percentile

9.7%