exploitDog

CVE-2026-24991

Опубликовано: 03 фев. 2026

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0.

Ссылки

https://patchstack.com/database/Wordpress/Plugin/extensions-for-cf7/vulnerability/wordpress-extensions-for-cf7-plugin-3-4-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve

EPSS

Процентиль: 8%

0.00028

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639

Связанные уязвимости

GHSA-4vq2-qq4m-vp5x

CVSS3: 5.3

github

4 дня назад

Authorization Bypass Through User-Controlled Key vulnerability in HT Plugins Extensions For CF7 extensions-for-cf7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extensions For CF7: from n/a through <= 3.4.0.

EPSS

Процентиль: 8%

0.00028

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-639