exploitDog

CVE-2024-0212

Опубликовано: 29 янв. 2024

Источник: nvd

CVSS3: 8.1

CVSS3: 6.5

EPSS Низкий

Описание

The Cloudflare Wordpress plugin was found to be vulnerable to improper authentication. The vulnerability enables attackers with a lower privileged account to access data from the Cloudflare API.

Ссылки

https://github.com/cloudflare/Cloudflare-WordPress/releases/tag/v4.12.3
Release Notes
https://github.com/cloudflare/Cloudflare-WordPress/security/advisories/GHSA-h2fj-7r3m-7gf2
Vendor Advisory
https://github.com/cloudflare/Cloudflare-WordPress/releases/tag/v4.12.3
Release Notes
https://github.com/cloudflare/Cloudflare-WordPress/security/advisories/GHSA-h2fj-7r3m-7gf2
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cloudflare:cloudflare:*:*:*:*:*:wordpress:*:*

Версия до 4.12.3 (исключая)

EPSS

Процентиль: 79%

0.01264

Низкий

8.1 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

NVD-CWE-Other

EPSS

Процентиль: 79%

0.01264

Низкий

8.1 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

NVD-CWE-Other