3 matches found
CVE-2024-6397
creationtimestamp| type| source ---|---|--- 2024-07-11 07:01:38+00:00| seen| https://t.me/cvedetector/630...
CVE-2024-6397 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.44 - Authentication Bypass to Admin
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1.0.44. This is due to insufficient verification of the API key. This makes it possible for unauthenticated attackers to log in as any existing...
WordPress InstaWP Connect Plugin <= 0.1.0.44 is vulnerable to Privilege Escalation
Software InstaWP Connect Type Plugin Vulnerable versions = 0.1.0.44 Fixed in 0.1.0.45 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-6397 Patch priority High CVSS severity High 9.8 Developer InstaWP PSID c8289fd0efb9 Credits Truoc Phan Required privilege...