Lucene search

[email protected]NVD:CVE-2023-48759

HistoryJun 19, 2024 - 11:15 a.m.

CVE-2023-48759

2024-06-1911:15:50

CWE-862

[email protected]

web.nvd.nist.gov

crocoblock jetelements

missing authorization

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13.

Affected configurations

Nvd

Node

crocoblockjetelementsRange<2.6.13.1wordpress

VendorProductVersionCPE
crocoblockjetelements*cpe:2.3:a:crocoblock:jetelements:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
crocoblock	jetelements	*	cpe:2.3:a:crocoblock:jetelements::::::wordpress::*

References

patchstack.com/database/vulnerability/jet-elements/wordpress-jetelements-for-elementor-plugin-2-6-13-unauthenticated-arbitrary-attachment-download-vulnerability?_s_id=cve

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

Related for NVD:CVE-2023-48759

cve1 wpvulndb1 vulnrichment1 cvelist1 wordfence1