4 matches found
CVE-2024-12296
The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...
CVE-2024-12296
The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...
CVE-2024-12296
CVE-2024-12296 — Apus Framework (WordPress) vulnerability : The Apus Framework plugin is affected in versions up to 2.3. It has a missing capability check in the import_page_options function, allowing authenticated users with Subscriber-level access or higher to perform arbitrary options updates....
CVE-2024-12296 Apus Framework <= 2.3 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options
The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, wit...