Ce21 Suite@* Security Vulnerabilities and Issues — Ce21 Suite@* CVE List

Lucene search

Ce21Ce21 Suite*

4 matches found

CVE•added 2024/11/09 3:15 a.m.•67 views

CVE-2024-10285

The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to log in the user associated with the JWT token.

9.8CVSS9AI score0.00235EPSS

CVE•added 2024/11/09 3:15 a.m.•37 views

CVE-2024-10294

The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to change plugin settings.

7.5CVSS6.3AI score0.0008EPSS

CVE•added 2024/11/09 3:15 a.m.•36 views

CVE-2024-10284

The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, ...

9.8CVSS9.7AI score0.00315EPSS

CVE•added 2024/12/13 3:15 p.m.•34 views

CVE-2024-54293

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0.

9.8CVSS9.6AI score0.00096EPSS