nvd-json-data-feeds/CVE-2024/CVE-2024-440xx/CVE-2024-44020.json

{
  "id": "CVE-2024-44020",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2024-11-01T15:15:52.483",
  "lastModified": "2024-11-08T21:02:41.617",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS allows .\n\nThis issue affects WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falta de autorizaci\u00f3n en Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS permite . Este problema afecta a WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: desde n/a hasta 1.2.6."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "audit@patchstack.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:prasadkirpekar:wp_free_ssl:*:*:*:*:*:wordpress:*:*",
              "versionEndIncluding": "1.2.6",
              "matchCriteriaId": "153C0023-3D74-41A5-B602-5F10C0D497CB"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://patchstack.com/database/vulnerability/wp-free-ssl/wordpress-wp-free-ssl-plugin-1-2-6-broken-access-control-vulnerability?_s_id=cve",
      "source": "audit@patchstack.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`{`
			`"id": "CVE-2024-44020",`
			`"sourceIdentifier": "audit@patchstack.com",`
			`"published": "2024-11-01T15:15:52.483",`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`"lastModified": "2024-11-08T21:02:41.617",`
			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS allows .\n\nThis issue affects WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6."`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "Vulnerabilidad de falta de autorizaci\u00f3n en Prasad Kirpekar WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS permite . Este problema afecta a WP Free SSL \u2013 Free SSL Certificate for WordPress and force HTTPS: desde n/a hasta 1.2.6."`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "audit@patchstack.com",`
			`"type": "Secondary",`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",`
			`"baseScore": 4.3,`
			`"baseSeverity": "MEDIUM",`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "LOW",`
			`"availabilityImpact": "NONE"`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`},`
			`"exploitabilityScore": 2.8,`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"impactScore": 1.4`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`},`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
			`"baseScore": 8.8,`
			`"baseSeverity": "HIGH",`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH"`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`},`
			`"exploitabilityScore": 2.8,`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"impactScore": 5.9`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "audit@patchstack.com",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-862"`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:prasadkirpekar:wp_free_ssl::::::wordpress::*",`
			`"versionEndIncluding": "1.2.6",`
			`"matchCriteriaId": "153C0023-3D74-41A5-B602-5F10C0D497CB"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`"references": [`
			`{`
			`"url": "https://patchstack.com/database/vulnerability/wp-free-ssl/wordpress-wp-free-ssl-plugin-1-2-6-broken-access-control-vulnerability?_s_id=cve",`
Auto-Update: 2024-11-08T23:00:19.669041+00:00 2024-11-08 23:03:20 +00:00			`"source": "audit@patchstack.com",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
Auto-Update: 2024-11-01T17:00:20.026664+00:00 2024-11-01 17:03:23 +00:00			`}`
			`]`
			`}`