Lucene search
PatchstackVULNRICHMENT:CVE-2024-39636HistoryAug 01, 2024 - 9:24 p.m.
CVE-2024-39636 WordPress Better Find and Replace plugin <= 1.6.1 - PHP Object Injection vulnerability
2024-08-0121:24:14
CWE-502
Patchstack
github.com
3
wordpress
find and replace plugin
1.6.1
php object injection
untrusted data deserialization
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Deserialization of Untrusted Data vulnerability in CodeSolz Better Find and Replace.This issue affects Better Find and Replace: from n/a through 1.6.1.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "real-time-auto-find-and-replace",
"product": "Better Find and Replace",
"vendor": "CodeSolz",
"versions": [
{
"changes": [
{
"at": "1.6.2",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.1",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:codesolz:better_find_and_replace:*:*:*:*:*:*:*:*"
],
"vendor": "codesolz",
"product": "better_find_and_replace",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "1.6.1"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-39636
2024-08-01 22:15:25
cvelist
cvelist
cve
cve
CVE-2024-39636
2024-08-01 22:15:25
wordfence
wordfence
CVSS3
8.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
7
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-39636