Lucene search

K
cvePatchstackCVE-2024-49604
HistoryOct 20, 2024 - 8:15 a.m.

CVE-2024-49604

2024-10-2008:15:04
CWE-306
CWE-288
Patchstack
web.nvd.nist.gov
25
authentication bypass
najeeb ahmad
simple user registration

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

39.9%

Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5.

Affected configurations

Nvd
Vulners
Vulnrichment
Node
najeebmediasimple_user_registrationRange5.5wordpress
VendorProductVersionCPE
najeebmediasimple_user_registration*cpe:2.3:a:najeebmedia:simple_user_registration:*:*:*:*:*:wordpress:*:*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-registration",
    "product": "Simple User Registration",
    "vendor": "Najeeb Ahmad",
    "versions": [
      {
        "lessThanOrEqual": "5.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.001

Percentile

39.9%