AI description
Automated description summarized from trusted sources.
CVE-2024-54222 describes a missing authorization vulnerability found in the Seraphinite Solutions Seraphinite Accelerator plugin. This flaw allows for the retrieval of embedded sensitive data due to inadequate authorization checks. The vulnerability impacts versions of Seraphinite Accelerator up to and including 2.22.15.
- Description
- Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite Accelerator: from n/a through <= 2.22.15.
- Source
- audit@patchstack.com
- NVD status
- Deferred
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- audit@patchstack.com
- CWE-862
- Hype score
- Not currently trending