admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-07xx/CVE-2024-0710.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

68 lines
3.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-0710",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-05-02T17:15:09.707",
"lastModified": "2024-11-21T08:47:11.403",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and replace the generated unique ID with a user-controlled one, leading to a loss of integrity in cases where the ID's uniqueness is relied upon in a security-specific context."
},
{
"lang": "es",
"value": "El complemento GP Unique ID para WordPress es vulnerable a la modificaci\u00f3n de ID \u00fanico en todas las versiones hasta la 1.5.5 incluida. Esto se debe a una validaci\u00f3n de entrada insuficiente. Esto hace posible que atacantes no autenticados alteren la generaci\u00f3n de una identificaci\u00f3n \u00fanica en el env\u00edo de un formulario y reemplacen la identificaci\u00f3n \u00fanica generada con una controlada por el usuario, lo que lleva a una p\u00e9rdida de integridad en los casos en que se conf\u00eda en la unicidad de la identificaci\u00f3n en un contexto espec\u00edfico de seguridad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://github.com/karlemilnikka/CVE-2024-0710/blob/main/README.md",
"source": "security@wordfence.com"
},
{
"url": "https://gravitywiz.com/documentation/gravity-forms-unique-id/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/26db2d25-01b8-49c5-a4d6-284780ac97bb?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://github.com/karlemilnikka/CVE-2024-0710/blob/main/README.md",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://gravitywiz.com/documentation/gravity-forms-unique-id/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/26db2d25-01b8-49c5-a4d6-284780ac97bb?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink