Lucene search

PatchstackCVELIST:CVE-2022-29423

HistoryMay 06, 2022 - 5:40 p.m.

CVE-2022-29423 WordPress Countdown & Clock plugin <= 2.3.2 - Pro Features Lock Bypass vulnerability

2022-05-0617:40:41

CWE-264

Patchstack

www.cve.org

cve-2022-29423

wordpress

countdown & clock plugin

pro features lock bypass

vulnerability

CVSS3

3.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

57.6%

JSON

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.

CNA Affected

[
  {
    "product": "Countdown & Clock (WordPress plugin)",
    "vendor": "Adam Skaat",
    "versions": [
      {
        "lessThanOrEqual": "2.3.2",
        "status": "affected",
        "version": "<= 2.3.2",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/countdown-builder/wordpress-countdown-clock-plugin-2-3-0-pro-features-lock-bypass-vulnerability

wordpress.org/plugins/countdown-builder/#developers

CVSS3

3.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

57.6%

JSON

Related for CVELIST:CVE-2022-29423