CVE-2024-1110 in Podlove Podcast Publisher Plugininformação

Sumário

de MITRE • 07/02/2024

The Podlove Podcast Publisher plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init() function in all versions up to, and including, 4.0.11. This makes it possible for unauthenticated attackers to import the plugin's settings.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

31/01/2024

Divulgação

07/02/2024

Moderação

aceite

Entrada

VDB-253094

CPE

pronto

CWE

CWE-862 (confirmado)

CVSS

5.3 (NVD)

EPSS

0.00185

KEV

não

Atividades

muito baixo

Sector

Hostingprovider

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-1110
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-1110
CVE Details	https://www.cvedetails.com/cve/CVE-2024-1110/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!