Lucene search
PatchstackCVELIST:CVE-2024-35633HistoryJun 03, 2024 - 10:04 a.m.
CVE-2024-35633 WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability
2024-06-0310:04:57
CWE-918
Patchstack
www.cve.org
cve-2024-35633
server-side request forgery
creativethemes blocksy companion
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
5.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.42.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "blocksy-companion",
"product": "Blocksy Companion",
"vendor": "CreativeThemes",
"versions": [
{
"changes": [
{
"at": "2.0.43",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.42",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-35633
2024-06-03 10:15:13
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-35633
2024-06-03 10:15:13
wpvulndb
wpvulndb
wordfence
wordfence
4.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
5.2 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-35633