Lucene search

PatchstackCVELIST:CVE-2024-33584

HistoryApr 29, 2024 - 7:39 a.m.

CVE-2024-33584 WordPress Video Conferencing with Zoom plugin <= 4.4.4 - Open Redirection vulnerability

2024-04-2907:39:57

CWE-601

Patchstack

www.cve.org

wordpress

zoom

plugin

open redirection

vulnerability

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through 4.4.4.

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "video-conferencing-with-zoom-api",
    "product": "Video Conferencing with Zoom",
    "vendor": "Deepen Bajracharya",
    "versions": [
      {
        "changes": [
          {
            "at": "4.4.5",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "4.4.4",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/video-conferencing-with-zoom-api/wordpress-video-conferencing-with-zoom-plugin-4-4-4-open-redirection-vulnerability?_s_id=cve

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

Related for CVELIST:CVE-2024-33584