7.5
CVE-2024-38749
- EPSS 0.8%
- Veröffentlicht 13.08.2024 11:15:16
- Zuletzt bearbeitet 27.05.2025 18:11:56
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
Olive One Click Demo Import <= 1.1.2 - Unauthenticated Information Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2.
Mögliche Gegenmaßnahme
Olive One Click Demo Import: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Olive One Click Demo Import
Version
*-1.1.2
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Olivethemes ≫ Olive One Click Demo Import SwPlatformwordpress Version <= 1.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.8% | 0.735 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| audit@patchstack.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.