exploitDog

CVE-2024-50500

Опубликовано: 03 фев. 2025

Источник: nvd

CVSS3: 4.3

CVSS3: 9.8

EPSS Низкий

Описание

Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.2.

Ссылки

https://patchstack.com/database/wordpress/plugin/auxin-elements/vulnerability/wordpress-phlox-core-elements-plugin-2-17-2-broken-access-control-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:averta:shortcodes_and_extra_features_for_phlox_theme:*:*:*:*:*:wordpress:*:*

Версия до 2.17.3 (исключая)

EPSS

Процентиль: 33%

0.00131

Низкий

4.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-wmhp-g4mm-69rg

CVSS3: 4.3

github

около 1 года назад

Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.2.

EPSS

Процентиль: 33%

0.00131

Низкий

4.3 Medium

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-862