4.3
CVE-2024-1745
- EPSS 0.38%
- Veröffentlicht 26.03.2024 05:15:49
- Zuletzt bearbeitet 07.05.2025 01:27:57
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
Testimonial Slider < 2.3.7 - Author+ Settings Update
Testimonial Slider <= 2.3.6 - Missing Authorization to Authenticated (Author+) Settings Update
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them.
Mögliche Gegenmaßnahme
Testimonial – Testimonial Slider and Showcase Plugin: Update to version 2.3.7, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Radiustheme ≫ Testimonial Slider And Showcase SwEdition- SwPlatformwordpress Version < 2.3.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Testimonial – Testimonial Slider and Showcase Plugin
Version
*-2.3.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
|
https://wpscan.com/vulnerability/b63bbfeb-d6f7-4c33-8824-b86d64d3f598/
https://www.wordfence.com/threat-intel/vulnerabilities/id/3bff5508-7483-4c0e-8146-a157244d6ad2