Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/14 9:54 a.m.16 views

CVE-2024-12296

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...

8.8CVSS7.3AI score0.005EPSS
Exploits0References1
NVD
NVD
added 2025/02/12 10:15 a.m.27 views

CVE-2024-12296

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.4. This makes it possible for authenticated attackers, wit...

8.8CVSS0.005EPSS
Exploits0References2
CVE
CVE
added 2025/02/12 9:22 a.m.59 views

CVE-2024-12296

CVE-2024-12296 — Apus Framework (WordPress) vulnerability : The Apus Framework plugin is affected in versions up to 2.3. It has a missing capability check in the import_page_options function, allowing authenticated users with Subscriber-level access or higher to perform arbitrary options updates....

8.8CVSS7.3AI score0.005EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/12 9:22 a.m.7 views

CVE-2024-12296 Apus Framework <= 2.3 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options

The Apus Framework plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'importpageoptions' function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, wit...

8.8CVSS8.7AI score0.005EPSS
Exploits0References2
Rows per page
Query Builder