Published on May 7th, 2019 📆 | 6985 Views ⚑
0WooCommerce Checkout Manager Plugin up to 4.2 on WordPress admin-ajax.php wccm_default_keys_load denial of service
CVSS Meta Temp Score | Current Exploit Price (≈) |
---|---|
4.4 | $0-$5k |
A vulnerability, which was classified as problematic, was found in WooCommerce Checkout Manager Plugin up to 4.2 on WordPress (E-Commerce Management Software). Affected is a function of the file wp-admin/admin-ajax.php?action=update_attachment_wccm. The manipulation of the argument wccm_default_keys_load
as part of a Parameter leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. This is going to have an impact on integrity, and availability.
The weakness was released 05/06/2019. This vulnerability is traded as CVE-2019-11807 since 05/06/2019. There are known technical details, but no exploit is available.
Upgrading to version 4.3 eliminates this vulnerability.
Vendor
Name
VulDB Meta Base Score: 4.6
VulDB Meta Temp Score: 4.4
VulDB Base Score: ≈4.6
VulDB Temp Score: ≈4.4
VulDB Vector: ?
VulDB Reliability: ?
VulDB Base Score: ?
VulDB Temp Score: ?
VulDB Reliability: ?
Class: Denial of service (CWE-404)
Local: Yes
Remote: No
Availability: ?
Status: Not defined
Price Prediction: ?
Current Price Estimation: ?
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ?
Adversaries: ?
Geopolitics: ?
Economy: ?
Predictions: ?
Remediation: ?Recommended: Upgrade
Status: ?
0-Day Time: ?
Upgrade: Checkout Manager Plugin 4.3
05/06/2019 Advisory disclosed
05/06/2019 CVE assigned
05/07/2019 VulDB entry created
05/07/2019 VulDB last updateCVE: CVE-2019-11807 (?)Created: 05/07/2019 07:24 AM
Complete: ?
Enable the mail alert feature now!
https://vuldb.com/?id.134436
Gloss