CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
Software
Docket (WooCommerce Collections / Wishlist / Watchlist)
Type
Plugin
Vulnerable versions
< 1.7.0
Fixed in
1.7.0
OWASP Top 10
A3: Injection
Classification
SQL Injection
CVE
CVE-2024-43132
Patch priority
High
CVSS severity
High (9.3)
Developer
Claim ownership
PSID
952a5b0e08da
Credits
Dave Jong (Patchstack)
Required privilege
Unauthenticated
Published
7 August, 2024
Expand full details Have additional information or questions about this entry? Let us know.
We advise to mitigate or resolve the vulnerability immediately.
Vendor | Product | Version | CPE |
---|---|---|---|
- | docket_\(woocommerce_collections_\/_wishlist_\/_watchlist\) | * | cpe:2.3:a:-:docket_\(woocommerce_collections_\/_wishlist_\/_watchlist\):*:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High