Lucene search
PatchstackVULNRICHMENT:CVE-2024-4745HistoryJun 10, 2024 - 8:09 a.m.
CVE-2024-4745 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.4 - Broken Access Control vulnerability
2024-06-1008:09:15
CWE-862
Patchstack
github.com
cve-2024-4745
rafflepress
broken access control
missing authorization
wordpress
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
Missing Authorization vulnerability in RafflePress Giveaways and Contests by RafflePress.This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.4.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "rafflepress",
"product": "Giveaways and Contests by RafflePress",
"vendor": "RafflePress",
"versions": [
{
"changes": [
{
"at": "1.12.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.12.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-4745
2024-06-10 08:15:52
cvelist
cvelist
wpvulndb
wpvulndb
Giveaways and Contests by RafflePress < 1.12.5 - Missing Authorization
2024-05-15 00:00:00
nvd
nvd
CVE-2024-4745
2024-06-10 08:15:52
wordfence
wordfence
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
Related for VULNRICHMENT:CVE-2024-4745