Back

CVE-2024-35172

May 14, 2024, 4:11 p.m.

Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

Products

ShortPixel Adaptive Images

  • n/a - 3.8.3

Source

audit@patchstack.com

Tags

audit@patchstack.com
2024-05-14
CWE-918
CVE-2024-35172

CVE-2024-35172 details

Published : May 14, 2024, 3:39 p.m.
Last Modified : May 14, 2024, 4:11 p.m.

Description

Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This issue affects ShortPixel Adaptive Images: from n/a through 3.8.3.

CVSS Score

1 2 3 4.4 5 6 7 8 9 10

Weakness

Weakness Name Description

CVSS Data

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

Base Score

4.4

Exploitability Score

Impact Score

Base Severity

MEDIUM

Vector String : CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

References

URL Source
https://patchstack.com/database/vulnerability/shortpixel-adaptive-images/wordpress-shortpixel-adaptive-images-plugin-3-8-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve audit@patchstack.com
This website uses the NVD API, but is not approved or certified by it.