8.8
CVE-2024-39633
- EPSS 0.42%
- Veröffentlicht 01.08.2024 21:15:29
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
WordPress PowerPack for Beaver Builder plugin <= 2.33.0 - Contributor+ Privilege Escalation vulnerability
PowerPack for Beaver Builder <= 2.33.0 - Authenticated (Contributor+) Privilege Escalation
Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows Privilege Escalation.This issue affects PowerPack for Beaver Builder: from n/a through 2.33.0.
Mögliche Gegenmaßnahme
PowerPack for Beaver Builder: Update to version 2.33.1, or a newer patched version
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerideabox
≫
Produkt
powerpack_for_beaver_builder
Default Statusunknown
Version <=
2.33.0
Version
0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginWeitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
PowerPack for Beaver Builder
Version
*-2.33.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.333 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| audit@patchstack.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
https://patchstack.com/database/vulnerability/bbpowerpack/wordpress-powerpack-for-beaver-builder-plugin-2-33-0-contributor-privilege-escalation-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/6c338010-9281-44dc-a121-dc2ab5fd6707