CVE-2024-8290 | wclovers WCFM Plugin up to 6.7.12 on WordPress processing authorization

Inserito da Angelo Barbosa | Set 25, 2024 | CVE

A vulnerability was found in wclovers WCFM Plugin up to 6.7.12 on WordPress. It has been classified as problematic. Affected is the function WCFM_Customers_Manage_Controller::processing. The manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2024-8290. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-8290 | wclovers WCFM Plugin up to 6.7.12 on WordPress processing authorization

Post correlati

CVE-2024-23295 | Apple visionOS 1.0 Persona improper authentication (HT214087)

CVE-2023-39922 | ThemeFusion Avada Plugin up to 7.11.1 on WordPress authorization

CVE-2024-39863 | Apache Airflow up to 2.9.2 Provider Installation cross site scripting

CVE-2023-5447 | Synaptics Fingerprint Driver prior 6.0.39.1136/6.0.64.1105 SynHsaService lock check