Lucene search
PatchstackCVELIST:CVE-2024-35748HistoryJun 09, 2024 - 6:41 p.m.
CVE-2024-35748 WordPress WooCommerce Dropshipping plugin <= 5.0.4 - Unauthenticated Arbitrary Email Sending vulnerability
2024-06-0918:41:02
CWE-862
Patchstack
www.cve.org
4
wordpress
woocommerce
dropshipping
unauthenticated
email sending
authorization
vulnerability
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.0%
Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WooCommerce Dropshipping",
"vendor": "OPMC",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-35748
2024-06-09 19:15:52
wpvulndb
wpvulndb
cve
cve
CVE-2024-35748
2024-06-09 19:15:52
vulnrichment
vulnrichment
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
0.0005 Low
EPSS
Percentile
17.0%
Related for CVELIST:CVE-2024-35748