admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-10-17 10:00:46 +00:00
parent 75e65b9c9a
commit 57ced13543
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
16 changed files with 724 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/45xxx/CVE-2023-45593.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A CWE-693 \u201cProtection Mechanism Failure\u201d vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than \u201c http://localhost\u201d ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
"value": "A CWE-184 \u201cIncomplete List of Disallowed Inputs\u201d vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than \u201c http://localhost\u201d ) allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded browser, and have other unspecified impacts to the confidentiality, integrity, and availability of the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
}
]
},

6
2023/45xxx/CVE-2023-45596.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201cfile_configuration\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
"value": "A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability in the \u201cfile_configuration\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
"value": "CWE-425 Direct Request ('Forced Browsing')",
"cweId": "CWE-425"
}
]
}

6
2023/45xxx/CVE-2023-45598.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A CWE-862 \u201cMissing Authorization\u201d vulnerability in the \u201cmeasure\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
"value": "A CWE-425 \u201cDirect Request ('Forced Browsing')\u201d vulnerability in the \u201cmeasure\u201d functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
"value": "CWE-425 Direct Request ('Forced Browsing')",
"cweId": "CWE-425"
}
]
}

139
2024/10xxx/CVE-2024-10025.json
View File

@ -1,17 +1,148 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10025",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@sick.de",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain text within the code. By exploiting these plaintext credentials, an attacker can log into affected SICK products as an \u201cAuthorized Client\u201d if the customer has not changed the default password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SICK AG",
"product": {
"product_data": [
{
"product_name": "SICK CLV6xx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "SICK Lector6xx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
},
{
"product_name": "SICK RFx6xx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "all versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sick.com/psirt",
"refsource": "MISC",
"name": "https://sick.com/psirt"
},
{
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices",
"refsource": "MISC",
"name": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF",
"refsource": "MISC",
"name": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"url": "https://www.first.org/cvss/calculator/3.1",
"refsource": "MISC",
"name": "https://www.first.org/cvss/calculator/3.1"
},
{
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.pdf",
"refsource": "MISC",
"name": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.pdf"
},
{
"url": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.json",
"refsource": "MISC",
"name": "https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0003.json"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "sca-2024-0003",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Customers are strongly advised to change their default passwords.<br>"
}
],
"value": "Customers are strongly advised to change their default passwords."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
]
}

18
2024/10xxx/CVE-2024-10076.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-10076",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

65
2024/49xxx/CVE-2024-49386.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@acronis.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-359",
"cweId": "CWE-359"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Acronis",
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Files",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.0.0x24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5129",
"refsource": "MISC",
"name": "https://security-advisory.acronis.com/advisories/SEC-5129"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
}
]
}

71
2024/49xxx/CVE-2024-49389.json
View File

@ -1,17 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49389",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@acronis.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276",
"cweId": "CWE-276"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Acronis",
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Files",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.0.0x24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5319",
"refsource": "MISC",
"name": "https://security-advisory.acronis.com/advisories/SEC-5319"
}
]
},
"credits": [
{
"lang": "en",
"value": "@tkoyeung (https://hackerone.com/tkoyeung)"
}
],
"impact": {
"cvss": [
{
"version": "3.0",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
]
}

71
2024/49xxx/CVE-2024-49390.json
View File

@ -1,17 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49390",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@acronis.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427",
"cweId": "CWE-427"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Acronis",
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Files",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.0.0x24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5845",
"refsource": "MISC",
"name": "https://security-advisory.acronis.com/advisories/SEC-5845"
}
]
},
"credits": [
{
"lang": "en",
"value": "@xdanes09 (https://hackerone.com/xdanes09)"
}
],
"impact": {
"cvss": [
{
"version": "3.0",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
]
}

71
2024/49xxx/CVE-2024-49391.json
View File

@ -1,17 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49391",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@acronis.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427",
"cweId": "CWE-427"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Acronis",
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Files",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.0.0x24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-7220",
"refsource": "MISC",
"name": "https://security-advisory.acronis.com/advisories/SEC-7220"
}
]
},
"credits": [
{
"lang": "en",
"value": "@satz4797 (https://hackerone.com/satz4797)"
}
],
"impact": {
"cvss": [
{
"version": "3.0",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"
}
]
}

65
2024/49xxx/CVE-2024-49392.json
View File

@ -1,17 +1,74 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49392",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@acronis.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Acronis",
"product": {
"product_data": [
{
"product_name": "Acronis Cyber Files",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "9.0.0x24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-7554",
"refsource": "MISC",
"name": "https://security-advisory.acronis.com/advisories/SEC-7554"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N"
}
]
}

18
2024/49xxx/CVE-2024-49604.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49604",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/49xxx/CVE-2024-49605.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49605",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/49xxx/CVE-2024-49702.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2024/49xxx/CVE-2024-49703.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-49703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

91
2024/8xxx/CVE-2024-8920.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-8920",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Fonto \u2013 Custom Web Fonts Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vladolaru",
"product": {
"product_data": [
{
"product_name": "Fonto \u2013 Custom Web Fonts Manager",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/358be91d-cb00-429b-a4ed-69bf81e4d19e?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/358be91d-cb00-429b-a4ed-69bf81e4d19e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/fonto/trunk/includes/class-fonto.php#L373",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/fonto/trunk/includes/class-fonto.php#L373"
},
{
"url": "https://wordpress.org/plugins/fonto/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/fonto/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3169936/",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3169936/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3169936/#file2",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3169936/#file2"
}
]
},
"credits": [
{
"lang": "en",
"value": "Francesco Carlucci"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

86
2024/9xxx/CVE-2024-9184.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-9184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The SendPulse Free Web Push plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.6 due to incorrect use of the wp_kses_allowed_html function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "sendpulse",
"product": {
"product_data": [
{
"product_name": "SendPulse Free Web Push",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.3.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74831bf8-0a30-4758-bfe6-5a5b4ee7ec24?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74831bf8-0a30-4758-bfe6-5a5b4ee7ec24?source=cve"
},
{
"url": "https://wordpress.org/plugins/sendpulse-web-push/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/sendpulse-web-push/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/browser/sendpulse-web-push/trunk/settings.php#L10",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/browser/sendpulse-web-push/trunk/settings.php#L10"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3169899/",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset/3169899/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Francesco Carlucci"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}