Lucene search
K

4 matches found

redhatcve
redhatcve
added 2025/02/14 9:54 a.m.16 views

CVE-2024-12296

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...

8.8CVSS7.3AI score0.005EPSS
Exploits0References1
nvd
nvd
added 2025/02/12 10:15 a.m.28 views

CVE-2024-12296

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...

8.8CVSS0.005EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/02/12 9:22 a.m.7 views

CVE-2024-12296 Apus Framework <= 2.3 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, wit...

8.8CVSS8.7AI score0.005EPSS
Exploits0References2
cve
cve
added 2025/02/12 9:22 a.m.59 views

CVE-2024-12296

CVE-2024-12296 — Apus Framework (WordPress) vulnerability : The Apus Framework plugin is affected in versions up to 2.3. It has a missing capability check in the import_page_options function, allowing authenticated users with Subscriber-level access or higher to perform arbitrary options updates....

8.8CVSS7.3AI score0.005EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder