CVE-2024-1352 in Classified Listing PluginИнформация

Сводка

по MITRE • 09.04.2024

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on the rtcl_import_location() rtcl_import_category() functions in all versions up to, and including, 3.0.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to create terms.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

Wordfence

Резервировать

08.02.2024

Раскрытие

09.04.2024

Модерация

принято

Вход

VDB-259428

CPE

готов

CWE

CWE-862 (Подтверждённый)

CVSS

5.3 (NVD)

EPSS

0.00344

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-1352
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-1352
CVE Details	https://www.cvedetails.com/cve/CVE-2024-1352/

◂ Предыдущий Обзор Далее ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!