Lucene search
K

6 matches found

GithubExploit
GithubExploit
added 2025/03/12 6:40 a.m.342 views

Exploit for CVE-2024-10673

🔥 Overview This script exploits CVE-2024-10673, a critica...

8.8CVSS8.2AI score0.01146EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2025/03/12 12:0 a.m.11 views

WordPress Top Store Theme 1.5.4 Privilege Escalation

This script exploits CVE-2024-10673, a critical vulnerability found in the Top Store WordPress Theme versions 1.5.4 and below. The flaw allows authenticated users with subscriber-level access or higher to install and activate arbitrary plugins via unprotected AJAX requests. This can lead to...

8.8CVSS8.1AI score0.01146EPSS
Exploits2
Circl
Circl
added 2024/11/09 3:20 a.m.10 views

CVE-2024-10673

creationtimestamp| type| source ---|---|--- 2024-11-09 03:20:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113450840914677083 2024-11-09 05:45:40+00:00| seen| https://t.me/cvedetector/10267 2025-03-12 16:00:08+00:00| published-proof-of-concept|...

8.8CVSS8.6AI score0.01146EPSS
Exploits2References4
Cvelist
Cvelist
added 2024/11/09 3:17 a.m.23 views

CVE-2024-10673 Top Store <= 1.5.4 - Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the topstoreinstallandactivatecallback function in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with subscriber-level...

8.8CVSS0.01146EPSS
Exploits2References2
CVE
CVE
added 2024/11/09 3:17 a.m.54 views

CVE-2024-10673

CVE-2024-10673 affects Top Store WordPress Theme up to version 1.5.4. The flaw is a missing capability check in top_store_install_and_activate_callback(), allowing authenticated users with subscriber-level access or higher to install and activate arbitrary plugins via unprotected AJAX. Exploitati...

8.8CVSS9.1AI score0.01146EPSS
Exploits2References2
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.15 views

WordPress Top Store Theme <= 1.5.4 is vulnerable to Arbitrary Code Execution

Software Top Store Type Theme Vulnerable versions = 1.5.4 Fixed in 1.5.5 OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary Code Execution CVE CVE-2024-10673 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 0fffafd8d4a3 Credits WordFence...

8.8CVSS6.7AI score0.01146EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder