exploitDog

CVE-2026-24634

Опубликовано: 23 янв. 2026

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Reviews: from n/a through <= 3.2.16.

Ссылки

https://patchstack.com/database/Wordpress/Plugin/ultimate-reviews/vulnerability/wordpress-ultimate-reviews-plugin-3-2-16-insecure-direct-object-references-idor-vulnerability?_s_id=cve

EPSS

Процентиль: 11%

0.00037

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-c67v-fpqg-f8j8

CVSS3: 5.3

github

15 дней назад

Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Reviews: from n/a through <= 3.2.16.

EPSS

Процентиль: 11%

0.00037

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639