admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-326xx/CVE-2024-32680.json
cad-safe-bot 651d026f1b Auto-Update: 2025-04-13T02:00:19.312868+00:00
2025-04-13 02:04:23 +00:00

112 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-32680",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-05-17T09:15:38.820",
"lastModified": "2025-03-20T20:30:34.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in PluginUS HUSKY \u2013 Products Filter for WooCommerce (formerly WOOF) allows Using Malicious Files, Code Inclusion.This issue affects HUSKY \u2013 Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.2."
},
{
"lang": "es",
"value": "Vulnerabilidad de limitaci\u00f3n incorrecta de un nombre de ruta a un directorio restringido (\"Path Traversal\"), control incorrecto de la generaci\u00f3n de c\u00f3digo (\"Inyecci\u00f3n de c\u00f3digo\") en PluginUS HUSKY \u2013 Products Filter para WooCommerce (anteriormente WOOF) permite el uso de archivos maliciosos y la inclusi\u00f3n de c\u00f3digo. El problema afecta a HUSKY \u2013 HUSKY \u2013 Products Filter para WooCommerce (anteriormente WOOF): desde n/a hasta 1.3.5.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginus:husky_-_products_filter_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.5.3",
"matchCriteriaId": "CB2B0D73-70FF-4081-A797-2C9166C43BA7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-5-2-remote-code-execution-rce-vulnerability?_s_id=cve",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink