CVE-2024-0324 | User Profile Builder Plugin up to 3.10.8 on WordPress Setting wppb_two_factor_authentication_settings_update authorization

Posted by Angelo Barbosa | Jan 16, 2024 | CVE

A vulnerability was found in User Profile Builder Plugin up to 3.10.8 on WordPress and classified as critical. This issue affects the function wppb_two_factor_authentication_settings_update of the component Setting Handler. The manipulation leads to missing authorization.

The identification of this vulnerability is CVE-2024-0324. The attack may be initiated remotely. There is no exploit available.

CVE-2024-0324 | User Profile Builder Plugin up to 3.10.8 on WordPress Setting wppb_two_factor_authentication_settings_update authorization

Related Posts

CVE-2024-40560 | Tmall Demo prior 2024.07.03 sql injection

CVE-2024-38641 | QNAP QTS/QuTS hero prior 5.1.8.2823 Build 20240712 os command injection (qsa-24-33)

CVE-2023-49338 | Couchbase Server up to 7.2.3 on TCP Service Port 8093 /admin/stats improper authentication

CVE-2024-31279 | Catch Plugins Generate Child Theme up to 2.0 on WordPress cross-site request forgery