Products
SolidWP Solid Security
- n/a - 9.3.1
Source
audit@patchstack.com
Tags
CVE-2022-44593 details
Published : June 21, 2024, 4:15 p.m.
Last Modified : June 21, 2024, 7:15 p.m.
Last Modified : June 21, 2024, 7:15 p.m.
Description
Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1.
CVSS Score
| 1 | 2 | 3.7 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-348 | Use of Less Trusted Source | The product has two different sources of the same data or information, but it uses the source that has less support for verification, is less trusted, or is less resistant to attack. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
Base Score
3.7
Exploitability Score
2.2
Impact Score
1.4
Base Severity
LOW
Vector String : CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
| URL | Source |
|---|---|
| https://patchstack.com/database/vulnerability/better-wp-security/wordpress-solid-security-plugin-9-3-1-ip-spoofing-leading-to-denial-of-service-vulnerability?_s_id=cve | audit@patchstack.com |
This website uses the NVD API, but is not approved or certified by it.