Lucene search
PatchstackCVELIST:CVE-2024-32827HistoryMay 17, 2024 - 9:39 a.m.
CVE-2024-32827 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.7 - IP Restriction Bypass vulnerability
2024-05-1709:39:47
CWE-290
Patchstack
www.cve.org
cve-2024-32827
wordpress
rafflepress
giveaways and contests
ip restriction bypass
authentication bypass
spoofing
functionality bypass
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.0%
Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows Functionality Bypass.This issue affects Giveaways and Contests: from n/a through 1.12.7.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rafflepress",
"product": "Giveaways and Contests",
"vendor": "RafflePress",
"versions": [
{
"changes": [
{
"at": "1.12.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.12.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-32827
2024-05-17 10:15:11
cve
cve
CVE-2024-32827
2024-05-17 10:15:11
wpvulndb
wpvulndb
Giveaways and Contests by RafflePress < 1.12.11 - IP Spoofing
2024-05-03 00:00:00
vulnrichment
vulnrichment
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
9.0%
Related for CVELIST:CVE-2024-32827