admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-23xx/CVE-2024-2384.json
cad-safe-bot 4deb66f850 Auto-Update: 2024-10-06T02:00:16.927213+00:00
2024-10-06 02:03:15 +00:00

52 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-2384",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-20T03:15:08.327",
"lastModified": "2024-03-20T13:00:16.367",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated attackers, with customer-level access and above, to view potentially sensitive information about other users by leveraging their order id"
},
{
"lang": "es",
"value": "El complemento WooCommerce POS para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.4.11 incluida. Esto se debe a que el complemento no verifica correctamente la autenticaci\u00f3n y la autorizaci\u00f3n del usuario actual. Esto hace posible que los atacantes autenticados, con acceso a nivel de cliente y superior, vean informaci\u00f3n potencialmente confidencial sobre otros usuarios aprovechando su identificaci\u00f3n de pedido."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3053833%40woocommerce-pos&new=3053833%40woocommerce-pos&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d6b8ba69-aa8b-436f-990c-39e283f5d2f2?source=cve",
"source": "security@wordfence.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink