CVE-2024-8682 | JNews Plugin up to 11.6.6 on WordPress register_handler authorization

Inserito da Angelo Barbosa | Mar 5, 2025 | CVE

A vulnerability, which was classified as problematic, was found in JNews Plugin up to 11.6.6 on WordPress. Affected is the function register_handler. The manipulation leads to missing authorization.

This vulnerability is traded as CVE-2024-8682. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-8682 | JNews Plugin up to 11.6.6 on WordPress register_handler authorization

Post correlati

CVE-2021-47132 | Linux Kernel up to 5.12.9 mptcp __mptcp_retrans memory corruption (b9c78b1a9596/b5941f066b4c)

CVE-2024-43354 | myCred Plugin up to 2.7.2 on WordPress deserialization

CVE-2023-51599 | Honeywell Saia PG5 Controls Suite path traversal (ZDI-23-1848)

CVE-2024-53746 | FlickDevs Elementor Button Plus Plugin up to 1.3.3 on WordPress cross site scripting