Lucene search
HistoryNov 30, 2023 - 3:15 p.m.
CVE-2023-37972
cve-2023-37972
unauthorized actor
multivendorx
product stock manager
notifier
woocommerce
sensitive information
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.2%
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1.
Affected configurations
Node
multivendorxproduct_stock_manager_\&_notifier_for_woocommerceRange<2.0.2wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| multivendorx | product_stock_manager_\&_notifier_for_woocommerce | * | cpe:2.3:a:multivendorx:product_stock_manager_\&_notifier_for_woocommerce:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Code injection
2023-11-30 15:15:00
cve
cve
CVE-2023-37972
2023-11-30 15:15:07
cvelist
cvelist
wordfence
wordfence
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.2%
Related for NVD:CVE-2023-37972