nvd-json-data-feeds/CVE-2023/CVE-2023-515xx/CVE-2023-51505.json

{
  "id": "CVE-2023-51505",
  "sourceIdentifier": "audit@patchstack.com",
  "published": "2023-12-29T13:15:10.820",
  "lastModified": "2024-01-05T18:05:27.917",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Deserialization of Untrusted Data vulnerability in realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store.This issue affects Active Products Tables for WooCommerce. Professional products tables for WooCommerce store : from n/a through 1.0.6.\n\n"
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en realmag777 Active Products Tables for WooCommerce. Professional products tables for WooCommerce store. Este problema afecta a Active Products Tables for WooCommerce. Professional products tables for WooCommerce store: desde n/a hasta 1.0.6."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      },
      {
        "source": "audit@patchstack.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ]
    },
    {
      "source": "audit@patchstack.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:pluginus:active_products_tables_for_woocommerce:*:*:*:*:*:wordpress:*:*",
              "versionEndIncluding": "1.0.6",
              "matchCriteriaId": "30D66AEA-E69E-47C1-AADA-122FEA8355A3"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://patchstack.com/database/vulnerability/profit-products-tables-for-woocommerce/wordpress-active-products-tables-for-woocommerce-plugin-1-0-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve",
      "source": "audit@patchstack.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}