exploitDog

CVE-2024-13364

Опубликовано: 19 фев. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the site_ads_files_reset() and cls_file_reset() functions in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to reset the ad and cls files.

Ссылки

https://wordpress.org/plugins/adthrive-ads/
Product
https://www.wordfence.com/threat-intel/vulnerabilities/id/7a08d857-c8be-4ba8-b9fb-eed222a8cd8c?source=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:raptive:raptive_ads:*:*:*:*:*:wordpress:*:*

Версия до 3.6.3 (включая)

EPSS

Процентиль: 63%

0.00451

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-jfpc-9686-g9rf

CVSS3: 5.3

github

12 месяцев назад

The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the site_ads_files_reset() and cls_file_reset() functions in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to reset the ad and cls files.

EPSS

Процентиль: 63%

0.00451

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-862