Lucene search

CVE-2024-5570 Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update

🗓️ 28 Jun 2024 06:03:00Reported by WPScanType

Simple Photoswipe WordPress plugin lacks authorization check allowing arbitrary settings update by authenticated user

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Patchstack	WordPress Simple Photoswipe Plugin <= 0.1 is vulnerable to Settings Change	1 Jul 202400:00	–	patchstack
NVD	CVE-2024-5570	28 Jun 202406:15	–	nvd
CVE	CVE-2024-5570	28 Jun 202406:15	–	cve
WPVulnDB	Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update	7 Jun 202400:00	–	wpvulndb
Vulnrichment	CVE-2024-5570 Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update	28 Jun 202406:00	–	vulnrichment
wpexploit	Simple Photoswipe <= 0.1 - Subscriber+ Arbitrary Settings Update	7 Jun 202400:00	–	wpexploit
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)	13 Jun 202415:35	–	wordfence

[
  {
    "vendor": "Unknown",
    "product": "Simple Photoswipe",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThanOrEqual": "0.1"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/49b3a8cb-f606-4cf7-80ec-bfdafd74e848/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Jun 2024 06:00Current

EPSS0.00042