Lucene search
PatchstackCVELIST:CVE-2024-25933HistoryMar 17, 2024 - 4:04 p.m.
CVE-2024-25933 WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability
2024-03-1716:04:04
CWE-200
Patchstack
www.cve.org
2
cve-2024-25933
wordpress
peprodev ultimate invoice
sensitive data exposure
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "pepro-ultimate-invoice",
"product": "PeproDev Ultimate Invoice",
"vendor": "Pepro Dev. Group",
"versions": [
{
"lessThanOrEqual": "1.9.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-25933
2024-03-17 16:15:08
wpvulndb
wpvulndb
PeproDev Ultimate Invoice < 1.9.8 - Unauthenticated Arbitrary Invoice Access
2024-02-23 00:00:00
cve
cve
CVE-2024-25933
2024-03-17 16:15:08
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.0004 Low
EPSS
Percentile
9.0%
Related for CVELIST:CVE-2024-25933