admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-11xx/CVE-2024-1181.json
cad-safe-bot 7ab230f046 Auto-Update: 2025-03-16T03:00:19.723046+00:00
2025-03-16 03:03:50 +00:00

60 lines
2.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-1181",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-03-20T07:15:09.167",
"lastModified": "2024-11-21T08:49:58.703",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Coming Soon, Under Construction & Maintenance Mode By Dazzler plugin for WordPress is vulnerable to maintenance mode bypass in all versions up to, and including, 2.1.2. This is due to the plugin relying on the REQUEST_URI to determine if the page being accesses is an admin area. This makes it possible for unauthenticated attackers to bypass maintenance mode and access the site which may be considered confidential when in maintenance mode."
},
{
"lang": "es",
"value": "El complemento Coming Soon, Under Construction & Maintenance Mode de Dazzler para WordPress es vulnerable a la omisi\u00f3n del modo de mantenimiento en todas las versiones hasta la 2.1.2 incluida. Esto se debe a que el complemento se basa en REQUEST_URI para determinar si la p\u00e1gina a la que se accede es un \u00e1rea de administraci\u00f3n. Esto permite que atacantes no autenticados omitan el modo de mantenimiento y accedan al sitio que puede considerarse confidencial cuando est\u00e1 en modo de mantenimiento."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/coming-soon-wp/trunk/coming-soon-wp.php#L45",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc144cd-7119-477f-9fa1-b00cab215077?source=cve",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/coming-soon-wp/trunk/coming-soon-wp.php#L45",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc144cd-7119-477f-9fa1-b00cab215077?source=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink