Lucene search

CVE-2024-3602

🗓️ 20 Jun 2024 02:10:15Reported by WordfenceType

WordPress Promolayer plugin vulnerability allows unauthorized settings updat

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2024-3602	20 Jun 202402:15	–	nvd
Patchstack	WordPress Promolayer Plugin <= 1.1.0 is vulnerable to Broken Access Control	19 Jun 202400:00	–	patchstack
Vulnrichment	CVE-2024-3602 Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer <= 1.1.0 - Missing Authorization	20 Jun 202402:08	–	vulnrichment
Cvelist	CVE-2024-3602 Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer <= 1.1.0 - Missing Authorization	20 Jun 202402:08	–	cvelist
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 17, 2024 to June 23, 2024)	27 Jun 202415:00	–	wordfence

Nvd

Vulners

Node

promolayer popup_builderRange≤1.1.0wordpress

[
  {
    "vendor": "promolayerpopupbuilder",
    "product": "Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.1.0",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/promolayer-popup-builder/trunk/admin/class-promolayer-admin.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/05b051bc-3b1c-412e-b3d0-98ff2c8bc06e

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jun 2024 02:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS34.3

EPSS0.00085

SSVC

CWE-862