Untriaged
Permalink
CVE-2024-37099
10.0 CRITICAL
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1.
References
Affected products
give
- =<3.14.1
givewp
- =<3.14.1
Matching in nixpkgs
pkgs.filegive
Easy p2p file sending program
-
nixos-unstable -
- nixpkgs-unstable 2022-05-29