CVE-2024-12860 | scriptsbundle CarSpot Plugin up to 2.4.3 on WordPress unverified password change

Inserito da Angelo Barbosa | Feb 18, 2025 | CVE

A vulnerability classified as very critical has been found in scriptsbundle CarSpot Plugin up to 2.4.3 on WordPress. This affects an unknown part. The manipulation leads to unverified password change.

This vulnerability is uniquely identified as CVE-2024-12860. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-12860 | scriptsbundle CarSpot Plugin up to 2.4.3 on WordPress unverified password change

Post correlati

CVE-2023-6289 | Swift Performance Lite Plugin up to 2.3.6.14 on WordPress Settings Export authorization

CVE-2024-56545 | Linux Kernel up to 6.6.63/6.11.10/6.12.1 hyperv drivers/base/devres.c devres_open_group allocation of resources

CVE-2024-52317 | Apache Tomcat up to 9.0.95/10.1.30/11.0.0-M26 HTTP/2 Request

CVE-2024-8158 | 9front lib9p authorization