5 matches found
Exploit for CVE-2024-6624
CVE-2024-6624 | JSON API User = 3.9.3 - Unauthenticated Pri...
CVE-2024-6624
creationtimestamp| type| source ---|---|--- 2024-07-11 09:57:21+00:00| seen| https://t.me/cvedetector/640 2025-02-06 16:00:10+00:00| published-proof-of-concept| Telegram/mm0dibID7M-AdtrFuuG3wYTtJ0IX3ygHecVaHve0sD5pqjA 2025-02-06 20:00:07+00:00| published-proof-of-concept|...
CVE-2024-6624 JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation
The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin require...
CVE-2024-6624 JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation
The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin require...
WordPress JSON API User Plugin <= 3.9.3 is vulnerable to Privilege Escalation
Software JSON API User Type Plugin Vulnerable versions = 3.9.3 Fixed in 3.9.4 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-6624 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID c77720f52f77 Credits Thanh Nam Tran Required privile...