Search criteria
12 vulnerabilities found for integrate_google_drive by softlabbd
FKIE_CVE-2023-52177
Vulnerability from fkie_nvd - Published: 2024-06-12 09:15 - Updated: 2025-12-02 20:47
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| softlabbd | integrate_google_drive | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "6C33EECA-EFEB-4560-8ABE-92531C48F5A9",
"versionEndExcluding": "1.3.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3."
},
{
"lang": "es",
"value": "Vulnerabilidad de falta de autorizaci\u00f3n en SoftLab Integrate Google Drive. Este problema afecta a Integrate Google Drive: desde n/a hasta 1.3.3."
}
],
"id": "CVE-2023-52177",
"lastModified": "2025-12-02T20:47:06.233",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-12T09:15:16.067",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-35670
Vulnerability from fkie_nvd - Published: 2024-06-04 19:20 - Updated: 2024-11-21 09:20
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| softlabbd | integrate_google_drive | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "34F911DB-004F-4F97-BD0A-91DBED7EC537",
"versionEndExcluding": "1.3.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93."
},
{
"lang": "es",
"value": "Vulnerabilidad de autenticaci\u00f3n rota en SoftLab Integrate Google Drive. Este problema afecta a Integrate Google Drive: desde n/a hasta 1.3.93."
}
],
"id": "CVE-2024-35670",
"lastModified": "2024-11-21T09:20:37.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-04T19:20:08.777",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-49769
Vulnerability from fkie_nvd - Published: 2023-12-17 10:15 - Updated: 2024-11-21 08:33
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| softlabbd | integrate_google_drive | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "EFE24392-7F39-4194-98EE-085AB1C42732",
"versionEndExcluding": "1.3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en SoftLab Integrate Google Drive. Este problema afecta a Integrate Google Drive: desde n/a hasta 1.3.4."
}
],
"id": "CVE-2023-49769",
"lastModified": "2024-11-21T08:33:48.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-17T10:15:07.880",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "audit@patchstack.com",
"type": "Primary"
}
]
}
FKIE_CVE-2023-47548
Vulnerability from fkie_nvd - Published: 2023-12-07 13:15 - Updated: 2024-11-21 08:30
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| softlabbd | integrate_google_drive | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "C9B6C822-237C-4B0F-8C09-9964DCECD945",
"versionEndExcluding": "1.3.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de redireccionamiento de URL a un sitio que no es de confianza (\u0027Open Redirect\u0027) en SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site. Este problema afecta a Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: desde n/a hasta 1.3.2."
}
],
"id": "CVE-2023-47548",
"lastModified": "2024-11-21T08:30:26.237",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "audit@patchstack.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-07T13:15:07.500",
"references": [
{
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "audit@patchstack.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "audit@patchstack.com",
"type": "Primary"
}
]
}
CVE-2023-52177 (GCVE-0-2023-52177)
Vulnerability from cvelistv5 – Published: 2024-06-12 08:42 – Updated: 2024-08-02 22:55
VLAI?
Summary
Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.3
(custom)
|
Credits
Nguyen Xuan Chien (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:29:02.024919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T19:29:08.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:40.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nguyen Xuan Chien (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.3.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T08:42:12.347Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.3.4 or a higher version."
}
],
"value": "Update to 1.3.4 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive plugin \u003c= 1.3.3 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-52177",
"datePublished": "2024-06-12T08:42:12.347Z",
"dateReserved": "2023-12-29T10:16:45.174Z",
"dateUpdated": "2024-08-02T22:55:40.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35670 (GCVE-0-2024-35670)
Vulnerability from cvelistv5 – Published: 2024-06-04 19:06 – Updated: 2024-08-02 03:14
VLAI?
Summary
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.
Severity ?
5.3 (Medium)
CWE
- Broken Authentication
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.93
(custom)
|
Credits
Steven Julian (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "integrate_google_drive",
"vendor": "softlabbd",
"versions": [
{
"lessThanOrEqual": "1.3.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T20:33:39.639719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T20:36:19.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:14:53.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.94",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.93",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Steven Julian (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Broken Authentication vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.93.\u003c/p\u003e"
}
],
"value": "Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken Authentication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T19:06:31.769Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.3.94 or a higher version."
}
],
"value": "Update to 1.3.94 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive plugin \u003c= 1.3.93 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-35670",
"datePublished": "2024-06-04T19:06:31.769Z",
"dateReserved": "2024-05-17T10:08:34.666Z",
"dateUpdated": "2024-08-02T03:14:53.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49769 (GCVE-0-2023-49769)
Vulnerability from cvelistv5 – Published: 2023-12-17 09:58 – Updated: 2024-08-02 22:01
VLAI?
Summary
Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.4
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:01:25.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.4.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-17T09:58:31.416Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.3.5 or a higher version."
}
],
"value": "Update to\u00a01.3.5 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive Plugin \u003c= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-49769",
"datePublished": "2023-12-17T09:58:31.416Z",
"dateReserved": "2023-11-30T13:22:54.825Z",
"dateUpdated": "2024-08-02T22:01:25.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47548 (GCVE-0-2023-47548)
Vulnerability from cvelistv5 – Published: 2023-12-07 12:15 – Updated: 2024-08-02 21:09
VLAI?
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site |
Affected:
n/a , ≤ 1.3.2
(custom)
|
Credits
minhtuanact (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "minhtuanact (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.\u003cp\u003eThis issue affects Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-07T12:15:06.883Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.3.3 or a higher version."
}
],
"value": "Update to\u00a01.3.3 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive Plugin \u003c= 1.3.2 is vulnerable to Open Redirection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-47548",
"datePublished": "2023-12-07T12:15:06.883Z",
"dateReserved": "2023-11-06T11:10:24.704Z",
"dateUpdated": "2024-08-02T21:09:37.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-52177 (GCVE-0-2023-52177)
Vulnerability from nvd – Published: 2024-06-12 08:42 – Updated: 2024-08-02 22:55
VLAI?
Summary
Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3.
Severity ?
5.4 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.3
(custom)
|
Credits
Nguyen Xuan Chien (Patchstack Alliance)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-52177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T19:29:02.024919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T19:29:08.907Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:55:40.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nguyen Xuan Chien (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.3.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T08:42:12.347Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-3-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.3.4 or a higher version."
}
],
"value": "Update to 1.3.4 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive plugin \u003c= 1.3.3 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-52177",
"datePublished": "2024-06-12T08:42:12.347Z",
"dateReserved": "2023-12-29T10:16:45.174Z",
"dateUpdated": "2024-08-02T22:55:40.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-35670 (GCVE-0-2024-35670)
Vulnerability from nvd – Published: 2024-06-04 19:06 – Updated: 2024-08-02 03:14
VLAI?
Summary
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.
Severity ?
5.3 (Medium)
CWE
- Broken Authentication
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.93
(custom)
|
Credits
Steven Julian (Patchstack Alliance)
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softlabbd:integrate_google_drive:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "integrate_google_drive",
"vendor": "softlabbd",
"versions": [
{
"lessThanOrEqual": "1.3.93",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-35670",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T20:33:39.639719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T20:36:19.096Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:14:53.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.94",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.93",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Steven Julian (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Broken Authentication vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.93.\u003c/p\u003e"
}
],
"value": "Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken Authentication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T19:06:31.769Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-93-broken-access-control-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 1.3.94 or a higher version."
}
],
"value": "Update to 1.3.94 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive plugin \u003c= 1.3.93 - Broken Access Control vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-35670",
"datePublished": "2024-06-04T19:06:31.769Z",
"dateReserved": "2024-05-17T10:08:34.666Z",
"dateUpdated": "2024-08-02T03:14:53.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49769 (GCVE-0-2023-49769)
Vulnerability from nvd – Published: 2023-12-17 09:58 – Updated: 2024-08-02 22:01
VLAI?
Summary
Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.
Severity ?
4.3 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive |
Affected:
n/a , ≤ 1.3.4
(custom)
|
Credits
Mika (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:01:25.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mika (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.\u003cp\u003eThis issue affects Integrate Google Drive: from n/a through 1.3.4.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-17T09:58:31.416Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.3.5 or a higher version."
}
],
"value": "Update to\u00a01.3.5 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive Plugin \u003c= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-49769",
"datePublished": "2023-12-17T09:58:31.416Z",
"dateReserved": "2023-11-30T13:22:54.825Z",
"dateUpdated": "2024-08-02T22:01:25.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47548 (GCVE-0-2023-47548)
Vulnerability from nvd – Published: 2023-12-07 12:15 – Updated: 2024-08-02 21:09
VLAI?
Summary
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SoftLab | Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site |
Affected:
n/a , ≤ 1.3.2
(custom)
|
Credits
minhtuanact (Patchstack Alliance)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "integrate-google-drive",
"product": "Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site",
"vendor": "SoftLab",
"versions": [
{
"changes": [
{
"at": "1.3.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "minhtuanact (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.\u003cp\u003eThis issue affects Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.\u003c/p\u003e"
}
],
"value": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) vulnerability in SoftLab Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive \u2013 Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-07T12:15:06.883Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.3.3 or a higher version."
}
],
"value": "Update to\u00a01.3.3 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Integrate Google Drive Plugin \u003c= 1.3.2 is vulnerable to Open Redirection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-47548",
"datePublished": "2023-12-07T12:15:06.883Z",
"dateReserved": "2023-11-06T11:10:24.704Z",
"dateUpdated": "2024-08-02T21:09:37.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}