{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2795", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-03-21T18:14:20.653Z", "datePublished": "2024-06-28T06:57:46.802Z", "dateUpdated": "2024-08-01T19:25:42.149Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-28T06:57:46.802Z"}, "affected": [{"vendor": "looswebstudio", "product": "SEO SIMPLE PACK", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "3.2.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.1 via META description. This makes it possible for unauthenticated attackers to extract limited information about password protected posts."}], "title": "SEO SIMPLE PACK <= 3.2.1 - Information Exposure", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve"}, {"url": "https://wordpress.org/plugins/seo-simple-pack/"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Information Exposure"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Krzysztof Zaj\u0105c"}], "timeline": [{"time": "2024-06-27T00:00:00.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"affected": [{"vendor": "looswebstudio", "product": "seo_simple_pack", "cpes": ["cpe:2.3:a:looswebstudio:seo_simple_pack:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.2.1", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-02T19:24:04.429452Z", "id": "CVE-2024-2795", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T19:25:40.357Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:25:42.149Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve", "tags": ["x_transferred"]}, {"url": "https://wordpress.org/plugins/seo-simple-pack/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve", "tags": ["x_transferred"]}, {"url": "https://wordpress.org/plugins/seo-simple-pack/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:25:42.149Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2795", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-02T19:24:04.429452Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:looswebstudio:seo_simple_pack:*:*:*:*:*:*:*:*"], "vendor": "looswebstudio", "product": "seo_simple_pack", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.2.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-02T19:25:31.957Z"}}], "cna": {"title": "SEO SIMPLE PACK <= 3.2.1 - Information Exposure", "credits": [{"lang": "en", "type": "finder", "value": "Krzysztof Zaj\u0105c"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "affected": [{"vendor": "looswebstudio", "product": "SEO SIMPLE PACK", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "3.2.1"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-06-27T00:00:00.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve"}, {"url": "https://wordpress.org/plugins/seo-simple-pack/"}], "descriptions": [{"lang": "en", "value": "The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.1 via META description. This makes it possible for unauthenticated attackers to extract limited information about password protected posts."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-200 Information Exposure"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-28T06:57:46.802Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2795", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:25:42.149Z", "dateReserved": "2024-03-21T18:14:20.653Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-06-28T06:57:46.802Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The SEO SIMPLE PACK plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.2.1 via META description. This makes it possible for unauthenticated attackers to extract limited information about password protected posts."}, {"lang": "es", "value": "El complemento SEO SIMPLE PACK para WordPress es vulnerable a la exposici\u00f3n de la informaci\u00f3n en todas las versiones hasta la 3.2.1 incluida a trav\u00e9s de la descripci\u00f3n META. Esto hace posible que atacantes no autenticados extraigan informaci\u00f3n limitada sobre publicaciones protegidas con contrase\u00f1a."}], "id": "CVE-2024-2795", "lastModified": "2024-11-21T09:10:32.120", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-06-28T07:15:03.157", "references": [{"source": "security@wordfence.com", "url": "https://wordpress.org/plugins/seo-simple-pack/"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://wordpress.org/plugins/seo-simple-pack/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f62a9ca0-7077-410f-b005-175348acd133?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis"}

{}