Untriaged
Permalink
CVE-2024-30229
8.0 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): HIGH
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress Give plugin <= 3.4.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.4.2.
References
- https://patchstack.com/database/vulnerability/give/wordpress-give-plugin-3-4-2-… vdb-entry
- https://patchstack.com/database/vulnerability/give/wordpress-give-plugin-3-4-2-… vdb-entry
- https://patchstack.com/database/vulnerability/give/wordpress-give-plugin-3-4-2-… vdb-entry
- https://patchstack.com/database/vulnerability/give/wordpress-give-plugin-3-4-2-… vdb-entry x_transferred
Affected products
give
- =<3.4.2
givewp
- =<3.4.2
Matching in nixpkgs
pkgs.filegive
Easy p2p file sending program
-
nixos-unstable -
- nixpkgs-unstable 2022-05-29