Lucene search
PatchstackCVELIST:CVE-2023-38389HistoryJun 21, 2024 - 3:58 p.m.
CVE-2023-38389 WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability
2024-06-2115:58:28
CWE-863
Patchstack
www.cve.org
7
wordpress
jupiterx core
plugin
unauthenticated account takeover
incorrect authorization
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.3%
Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "JupiterX Core",
"vendor": "Artbees",
"versions": [
{
"changes": [
{
"at": "3.4.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.3.8",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Jupiter X Core Premium < 3.4.3 - Unauthenticated Privilege Escalation
2023-08-24 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-38389
2024-06-21 16:15:11
nvd
nvd
CVE-2023-38389
2024-06-21 16:15:11
githubexploit
githubexploit
Exploit for Incorrect Authorization in Artbees Jupiter X Core
2023-08-27 00:30:16
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.3%
Related for CVELIST:CVE-2023-38389