Lucene search
PatchstackCVELIST:CVE-2024-22294HistoryJan 24, 2024 - 12:05 p.m.
CVE-2024-22294 WordPress Download IP2Location Country Blocker Plugin <= 2.33.3 is vulnerable to Sensitive Data Exposure
2024-01-2412:05:22
CWE-200
Patchstack
www.cve.org
1
wordpress
ip2location country blocker
vulnerable
sensitive data exposure
unauthorized actor
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
37.2%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ip2location-country-blocker",
"product": "IP2Location Country Blocker",
"vendor": "IP2Location",
"versions": [
{
"changes": [
{
"at": "2.33.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.33.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
prion
prion
Cross site scripting
2024-01-24 12:15:00
nvd
nvd
CVE-2024-22294
2024-01-24 12:15:58
cve
cve
CVE-2024-22294
2024-01-24 12:15:58
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
37.2%
Related for CVELIST:CVE-2024-22294