admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 05:28:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-347xx/CVE-2024-34761.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

64 lines
2.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-34761",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-06-10T16:15:13.630",
"lastModified": "2024-11-21T09:19:20.860",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability discovered by executing a planned security audit.\n\nImproper Control of Generation of Code ('Code Injection') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows Code Injection.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10."
},
{
"lang": "es",
"value": "Vulnerabilidad descubierta al ejecutar una auditor\u00eda de seguridad planificada. Vulnerabilidad de control inadecuado de generaci\u00f3n de c\u00f3digo (\"inyecci\u00f3n de c\u00f3digo\") en WPENGINE INC Advanced Custom Fields PRO permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a Advanced Custom Fields PRO: desde n/a antes de 6.2.10."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-arbitrary-function-execution-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/advanced-custom-fields-pro/wordpress-advanced-custom-fields-pro-plugin-6-2-10-contributor-arbitrary-function-execution-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink