CVE-2024-31294

CVE-2024-31294 describes a missing authorization (broken access control) in Fahad Mahmood WP Sort Order for WordPress, affecting versions up to 1.3.1. The NVD entry lists a high severity (CVSS 3.1 base score 8.8) with Network attack vector, requiring Low privileges and no user interaction, and af...