Lucene search

K
vulnrichmentPatchstackVULNRICHMENT:CVE-2024-44034
HistoryOct 05, 2024 - 12:21 p.m.

CVE-2024-44034 WordPress WPSPX plugin <= 1.0.2 - Local File Inclusion vulnerability

2024-10-0512:21:11
CWE-22
Patchstack
github.com
cve-2024-44034
wordpress
wpspx
local file inclusion

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Martin Greenwood WPSPX allows PHP Local File Inclusion.This issue affects WPSPX: from n/a through 1.0.2.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:martin_greenwood:wpspx:*:*:*:*:*:*:*:*"
    ],
    "vendor": "martin_greenwood",
    "product": "wpspx",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "1.0.2"
      }
    ],
    "defaultStatus": "unknown"
  }
]

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Related for VULNRICHMENT:CVE-2024-44034