3 matches found
CVE-2024-33908 WordPress WidgetKit plugin <= 2.5.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Themesgrove WidgetKit.This issue affects WidgetKit: from n/a through 2.5.0...
CVE-2024-33908
CVE-2024-33908: The ThemeGr ove WidgetKit (All-in-One Addons for Elementor WidgetKit) has a Missing Authorization vulnerability affecting WidgetKit versions up to 2.5.0. Connected documents identify this as a Missing Authorization to Notice Dismissal issue. The Wordfence entry notes the patch sta...
WordPress WidgetKit Plugin <= 2.5.1 is vulnerable to Broken Access Control
Software WidgetKit Type Plugin Vulnerable versions = 2.5.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33908 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 38f3250eb362 Credits Dhabaleshwar Das Required privilege...