CVE-2024-4410

🗓️ 27 Jul 2024 02:10:15Reported by WordfenceType

IgnitionDeck plugin for WordPress has Missing Authorization vulnerability

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
NVD	CVE-2024-4410	27 Jul 202402:15	–	nvd
RedhatCVE	CVE-2024-4410	23 May 202507:30	–	redhatcve
Vulnrichment	CVE-2024-4410 IgnitionDeck Crowdfunding Platform <= 1.9.8 - Missing Authorization	27 Jul 202401:51	–	vulnrichment
Patchstack	WordPress IgnitionDeck Plugin <= 1.9.8 is vulnerable to Broken Access Control	29 Jul 202400:00	–	patchstack
Cvelist	CVE-2024-4410 IgnitionDeck Crowdfunding Platform <= 1.9.8 - Missing Authorization	27 Jul 202401:51	–	cvelist
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 22, 2024 to July 28, 2024)	1 Aug 202414:18	–	wordfence

Vulners

Node

ignitionwp ignitiondeck_crowdfunding_platformRange≤1.9.8wordpress

[
  {
    "vendor": "ignitionwp",
    "product": "IgnitionDeck Crowdfunding Platform",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "1.9.8",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/ignitiondeck/trunk/classes/class-idf-wizard.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/07b6aad4-fbaf-4c0c-b2b7-6e264a1afb9b
plugins	www.plugins.trac.wordpress.org/browser/ignitiondeck/trunk/classes/class-idf-wizard.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jul 2024 02:15Current

5.4Medium risk

Vulners AI Score5.4

CVSS35.4

EPSS0.0015

SSVC

CWE-862