8.8
CVE-2024-43932
- EPSS 0.35%
- Veröffentlicht 01.11.2024 15:15:49
- Zuletzt bearbeitet 13.11.2024 01:23:26
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
LoginThe Plus Addons for Elementor Page Builder Lite <= 5.6.2 - Missing Authorization
Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.2.
Mögliche Gegenmaßnahme
The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce: Update to version 5.6.3, or a newer patched version
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce
Version
*-5.6.2
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Posimyth ≫ The Plus Addons For Elementor SwEditionfree SwPlatformwordpress Version < 5.6.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.567 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| audit@patchstack.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.