Lucene search

[email protected]NVD:CVE-2024-32144

HistoryJun 11, 2024 - 4:15 p.m.

CVE-2024-32144

2024-06-1116:15:27

CWE-862

[email protected]

web.nvd.nist.gov

cve-2024-32144

welcart inc

authorization

vulnerability

welcart e-commerce

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

14.5%

JSON

Missing Authorization vulnerability in Welcart Inc. Welcart e-Commerce.This issue affects Welcart e-Commerce: from n/a through 2.9.14.

Affected configurations

Nvd

Node

welcartwelcart_e-commerceRange<2.10.0wordpress

VendorProductVersionCPE
welcartwelcart_e-commerce*cpe:2.3:a:welcart:welcart_e-commerce:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
welcart	welcart_e-commerce	*	cpe:2.3:a:welcart:welcart_e-commerce::::::wordpress::*

References

patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-9-14-broken-access-control-csrf-vulnerability?_s_id=cve

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

14.5%

JSON

Related for NVD:CVE-2024-32144

cvelist1 vulnrichment1 wpvulndb1 cve1 wordfence1