Lucene search
PatchstackVULNRICHMENT:CVE-2024-34800HistoryJun 10, 2024 - 3:41 p.m.
CVE-2024-34800 WordPress Crafthemes Demo Import plugin <= 3.3 - Arbitrary Plugin Installation vulnerability
2024-06-1015:41:19
CWE-306
Patchstack
github.com
wordpress
crafthemes demo import
arbitrary plugin installation
missing authentication
critical function
functionality misuse
cve-2024-34800
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "crafthemes-demo-import",
"product": "Crafthemes Demo Import",
"vendor": "Aruphash",
"versions": [
{
"lessThanOrEqual": "3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
cve
cve
CVE-2024-34800
2024-06-10 16:15:14
nvd
nvd
CVE-2024-34800
2024-06-10 16:15:14
cvelist
cvelist
wordfence
wordfence
7.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-34800