Lucene search
K

4 matches found

NVD
NVD
added 2024/06/04 2:15 p.m.27 views

CVE-2024-35700

Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.8...

9.8CVSS9.6AI score0.00487EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/04 1:40 p.m.20 views

CVE-2024-35700 WordPress UserPro plugin <= 5.1.8 - Unauthenticated Account Takeover vulnerability

Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8...

9.8CVSS6.9AI score0.00487EPSS
Exploits0References1
CVE
CVE
added 2024/06/04 1:40 p.m.63 views

CVE-2024-35700

CVE-2024-35700 affects the WordPress plugin “UserPro” (DeluxeThemes) up to version 5.1.8. The issue is described as Improper Privilege Management enabling Unauthenticated Account Takeover with privilege escalation. Impact as stated: confidential and integrity/availability impact; CVSS v3.1 base s...

9.8CVSS5.9AI score0.00487EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/05/21 12:0 a.m.17 views

WordPress Userpro Plugin <= 5.1.8 is vulnerable to Privilege Escalation

Software Userpro Type Plugin Vulnerable versions = 5.1.8 Fixed in 5.1.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-35700 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID fbe11c6e1e92 Credits Rafie Muhammad...

9.8CVSS6.5AI score0.00487EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder