Lucene search
PatchstackCVELIST:CVE-2024-22284HistoryJan 24, 2024 - 11:45 a.m.
CVE-2024-22284 WordPress Asgaros Forum Plugin <= 2.7.2 is vulnerable to PHP Object Injection
2024-01-2411:45:18
CWE-502
Patchstack
www.cve.org
1
wordpress
asgaros forum
cve-2024-22284
php object injection
deserialization
8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.3%
Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.7.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "asgaros-forum",
"product": "Asgaros Forum",
"vendor": "Thomas Belser",
"versions": [
{
"changes": [
{
"at": "2.8.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.7.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
nvd
nvd
CVE-2024-22284
2024-01-24 12:15:57
cve
cve
CVE-2024-22284
2024-01-24 12:15:57
osv
osv
CVE-2024-22284
2024-01-24 12:15:57
prion
prion
Deserialization of untrusted data
2024-01-24 12:15:00
wordfence
wordfence
8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.3%
Related for CVELIST:CVE-2024-22284