Lucene search

K
patchstackRafie Muhammad (Patchstack)PATCHSTACK:737F2EB488B2133A3FCCD756B18E9F01
HistoryJul 04, 2024 - 12:00 a.m.

WordPress The Post Grid Plugin <= 7.7.4 is vulnerable to Broken Access Control

2024-07-0400:00:00
Rafie Muhammad (Patchstack)
patchstack.com
wordpress
post grid
vulnerable version 7.7.4
fixed version 7.7.5
broken access control
owasp top 10
cve-2024-37482
patchstack
mamunur rashid
low priority
low cvss severity
subscriber privilege
published 4 july 2024

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0

Percentile

9.9%

Software

The Post Grid

Type

Plugin

Vulnerable versions

<= 7.7.4

Fixed in

7.7.5

OWASP Top 10

A1: Broken Access Control

Classification

Broken Access Control

CVE

CVE-2024-37482

Patch priority

Low

CVSS severity

Low (4.3)

Developer

Mamunur Rashid

PSID

cde94030335f

Credits

Rafie Muhammad Patchstack Rafie Muhammad (Patchstack)

Required privilege

Subscriber

Published

4 July, 2024

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
post_grid_team_by_radiusthemethe_post_gridRange7.7.4
VendorProductVersionCPE
post_grid_team_by_radiusthemethe_post_grid*cpe:2.3:a:post_grid_team_by_radiustheme:the_post_grid:*:*:*:*:*:*:*:*

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0

Percentile

9.9%

Related for PATCHSTACK:737F2EB488B2133A3FCCD756B18E9F01