Lucene search

CVE-2021-24238

🗓️ 22 Apr 2021 21:09:15Reported by WPScanType

cve🔗 web.nvd.nist.gov👁 32 Views🌐 4 Media mentions

The Realteo WordPress plugin before 1.2.4, used by the Findeo Theme, allowed authenticated users to delete arbitrary properties

Reporter	Title	Published	Views	Family All 6
cnvd	WordPress Access Control Error Vulnerability (CNVD-2021-44310)	28 Apr 202100:00	–	cnvd
cvelist	CVE-2021-24238 Realteo < 1.2.4 - Arbitrary Property Deletion via IDOR	22 Apr 202121:00	–	cvelist
nvd	CVE-2021-24238	22 Apr 202121:15	–	nvd
prion	Design/Logic Flaw	22 Apr 202121:15	–	prion
wpvulndb	Realteo < 1.2.4 - Arbitrary Property Deletion via IDOR	31 Mar 202100:00	–	wpvulndb
wpexploit	Realteo < 1.2.4 - Arbitrary Property Deletion via IDOR	31 Mar 202100:00	–	wpexploit

Nvd

Vulners

Node

purethemes findeoRange<1.3.1wordpress

purethemes realteoRange<1.2.4wordpress

[
  {
    "product": "Realteo",
    "vendor": "PureThemes",
    "versions": [
      {
        "lessThan": "1.2.4",
        "status": "affected",
        "version": "1.2.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Findeo",
    "vendor": "PureThemes",
    "versions": [
      {
        "lessThan": "1.3.1",
        "status": "affected",
        "version": "1.3.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
m0ze	www.m0ze.ru/vulnerability/%5B2021-03-20%5D-%5BWordPress%5D-%5BCWE-284%5D-Realteo-WordPress-Plugin-v1.2.3.txt
m0ze	www.m0ze.ru/vulnerability/%5B2021-03-20%5D-%5BWordPress%5D-%5BCWE-284%5D-Findeo-WordPress-Theme-v1.3.0.txt
wpscan	www.wpscan.com/vulnerability/b8434eb2-f522-484f-9227-5f581e7f48a5
docs	www.docs.purethemes.net/findeo/knowledge-base/changelog-findeo/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Apr 2021 21:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS24

CVSS36.5

EPSS0.002