CVE-2024-10800 | vanquish User Extra Fields Plugin up to 16.6 on WordPress ajax_save_fields authorization

Posted by Angelo Barbosa | Nov 13, 2024 | CVE

A vulnerability was found in vanquish User Extra Fields Plugin up to 16.6 on WordPress. It has been classified as critical. This affects the function ajax_save_fields. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2024-10800. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-10800 | vanquish User Extra Fields Plugin up to 16.6 on WordPress ajax_save_fields authorization

Related Posts

CVE-2024-24564 | Vyper up to 0.3.10 extract32 start out-of-bounds (GHSA-4hwq-4cpm-8vmx)

CVE-2024-9425 | Advanced Category and Custom Taxonomy Image Plugin Shortcode ad_tax_image cross site scripting

CVE-2024-34800 | Aruphash Crafthemes Demo Import Plugin up to 3.3 on WordPress missing authentication

CVE-2024-22752 | EaseUS MobiMover 6.0.5 Build 21620 Executable permission