Lucene search
PatchstackCVELIST:CVE-2024-22308HistoryJan 24, 2024 - 11:59 a.m.
CVE-2024-22308 WordPress Simple Membership Plugin <= 4.4.1 is vulnerable to Open Redirection
2024-01-2411:59:37
CWE-601
Patchstack
www.cve.org
cve-2024-22308
url redirection
open redirect
simple membership plugin
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
0.0005 Low
EPSS
Percentile
17.0%
URL Redirection to Untrusted Site (βOpen Redirectβ) vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "simple-membership",
"product": "Simple Membership",
"vendor": "smp7, wp.insider",
"versions": [
{
"changes": [
{
"at": "4.4.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.4.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-22308
2024-01-24 12:15:58
wpvulndb
wpvulndb
Simple Membership < 4.4.2 - Open Redirect
2024-01-24 00:00:00
nvd
nvd
CVE-2024-22308
2024-01-24 12:15:58
prion
prion
Open redirect
2024-01-24 12:15:00
wordfence
wordfence
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
0.0005 Low
EPSS
Percentile
17.0%
Related for CVELIST:CVE-2024-22308