CVE-2024-30534

Missing Authorization vulnerability in typps Calendarista Basic Edition.This issue affects Calendarista Basic Edition: from n/a through 3.0.5.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/calendarista-basic-edition/wordpress-calendarista-basic-edition-plugin-3-0-5-broken-access-control-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:typps:calendarista:*:*:*:*:basic:wordpress:*:*

History

22 Jul 2024, 19:23

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de autorización faltante en typps Calendarista Basic Edition. Este problema afecta a Calendarista Basic Edition: desde n/a hasta 3.0.5.
First Time		Typps calendarista Typps
CVSS	v2 : ~~unknown~~ v3 : ~~6.5~~	v2 : unknown v3 : 9.8
CPE		cpe:2.3:a:typps:calendarista:::::basic:wordpress::
References	~~() https://patchstack.com/database/vulnerability/calendarista-basic-edition/wordpress-calendarista-basic-edition-plugin-3-0-5-broken-access-control-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/calendarista-basic-edition/wordpress-calendarista-basic-edition-plugin-3-0-5-broken-access-control-vulnerability?_s_id=cve - Third Party Advisory

09 Jun 2024, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-09 09:15

Updated : 2024-07-22 19:23

NVD link : CVE-2024-30534

Mitre link : CVE-2024-30534

CVE.ORG link : CVE-2024-30534

JSON object : View

Products Affected

typps

calendarista

CWE

CWE-862

Missing Authorization

9.8 /10