Lucene search
K

4 matches found

redhatcve
redhatcve
added 2025/02/05 10:26 a.m.5 views

CVE-2024-12470

The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to...

9.8CVSS7.1AI score0.00628EPSS
Exploits0References1
nvd
nvd
added 2025/01/07 5:15 a.m.10 views

CVE-2024-12470

The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to...

9.8CVSS0.00628EPSS
Exploits0References2
circl
circl
added 2025/01/07 4:36 a.m.4 views

CVE-2024-12470

creationtimestamp| type| source ---|---|--- 2025-01-07 04:36:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/305 2025-01-07 05:17:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vian6ao2i 2025-01-07 05:48:10+00:00| seen|...

9.8CVSS8.7AI score0.00628EPSS
Exploits0References4
cve
cve
added 2025/01/07 4:22 a.m.52 views

CVE-2024-12470

CVE-2024-12470 affects the WordPress plugin School Management System – SakolaWP (SakolaWP-lite) up to version 1.0.8. Root cause: the registration function does not correctly restrict allowable user roles, enabling an unauthenticated attacker to register as an administrator. Impact: administrator ...

9.8CVSS9.6AI score0.00628EPSS
Exploits0References2
Rows per page
Query Builder