CVE-2024-31308

Опубликовано: 07 апр. 2024

Источник: nvd

CVSS3: 4.4

CVSS3: 7.2

EPSS Низкий

Описание

Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26.

Ссылки

https://patchstack.com/database/vulnerability/wp-import-export-lite/wordpress-wp-import-export-lite-wp-import-export-plugin-3-9-26-php-object-injection-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/wp-import-export-lite/wordpress-wp-import-export-lite-wp-import-export-plugin-3-9-26-php-object-injection-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vjinfotech:wp_import_export_lite:*:*:*:*:*:wordpress:*:*

Версия до 3.9.27 (исключая)

EPSS

Процентиль: 45%

0.0023

Низкий

4.4 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-502

Связанные уязвимости

GHSA-x237-rgmj-6rg4

CVSS3: 4.4

github

почти 2 года назад

Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26.

EPSS

Процентиль: 45%

0.0023

Низкий

4.4 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-502