CVE-2024-1371 in LeadConnector Plugin
요약
\~에 의해 MITRE • 2024. 04. 30.
The LeadConnector plugin for WordPress is vulnerable to unauthorized modification & loss of data due to a missing capability check on the lc_public_api_proxy() function in all versions up to, and including, 1.7. This makes it possible for unauthenticated attackers to delete arbitrary posts.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.