4 matches found
CVE-2024-4788 Boostify Header Footer Builder for Elementor <= 1.3.5 - Missing Authorization to Page/Post Creation
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createbhfpost function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with...
CVE-2024-4788
Technical details such as affected software versions, root cause, exploitability, and fixes are not provided in the supplied documents. Monitor official advisories and CVE updates for concrete, technical information.
CVE-2024-4788 Boostify Header Footer Builder for Elementor <= 1.3.5 - Missing Authorization to Page/Post Creation
The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createbhfpost function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with...
WordPress Boostify Header Footer Builder for Elementor Plugin <= 1.3.5 is vulnerable to Broken Access Control
Software Boostify Header Footer Builder for Elementor Type Plugin Vulnerable versions = 1.3.5 Fixed in 1.3.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4788 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c1f45fa202fb Credits...