Lucene search

PatchstackCVELIST:CVE-2024-30481

HistoryJun 09, 2024 - 10:52 a.m.

CVE-2024-30481 WordPress JCH Optimize plugin <= 4.0.0 - Broken Access Control vulnerability

2024-06-0910:52:43

Patchstack

www.cve.org

cve-2024-30481 wordpress samuel marshall jch optimize access control

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

9.0%

JSON

Broken Access Control vulnerability in Samuel Marshall JCH Optimize.This issue affects JCH Optimize: from n/a through 4.0.0.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "jch-optimize",
    "product": "JCH Optimize",
    "vendor": "Samuel Marshall",
    "versions": [
      {
        "changes": [
          {
            "at": "4.0.1",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.0.0",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/jch-optimize/wordpress-jch-optimize-plugin-4-0-0-broken-access-control-vulnerability?_s_id=cve

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2024-30481