Lucene search
PatchstackVULNRICHMENT:CVE-2024-4606HistoryMay 09, 2024 - 11:59 a.m.
CVE-2024-4606 WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 1.6.2 - PHP Object Injection vulnerability
2024-05-0911:59:18
CWE-502
Patchstack
github.com
wordpress
elementor addons
woocommerce builder
edd builder
php object injection
vulnerability
deserialization
bdthemes
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Deserialization of Untrusted Data vulnerability in BdThemes Ultimate Store Kit Elementor Addons.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.6.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "ultimate-store-kit",
"product": "Ultimate Store Kit Elementor Addons",
"vendor": "BdThemes",
"versions": [
{
"lessThanOrEqual": "1.6.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-4606
2024-05-14 15:44:12
cvelist
cvelist
wpvulndb
wpvulndb
cve
cve
CVE-2024-4606
2024-05-14 15:44:12
wordfence
wordfence
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-4606