5 matches found
Exploit for Missing Authorization in Xlplugins Finale
CVE-2024-30485 Exploit ๐ Overview CVE-2024-30485 is a...
CVE-2024-30485
Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-30485
Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-30485
CVE-2024-30485 corresponds to a Missing Authorization vulnerability in the WordPress plugin Finale Lite. The record notes affected versions โthrough 2.18.0โ and indicates a proof-of-concept/exploitation path exists that can allow an attacker to install and activate arbitrary plugins, as seen in c...
WordPress Finale Lite Plugin <= 2.18.0 is vulnerable to Remote Code Execution (RCE)
Software Finale Lite Type Plugin Vulnerable versions = 2.18.0 Fixed in 2.18.1 OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2024-30485 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 351260d95e05 Credits Yudistira Arya Required...