Lucene search
PatchstackVULNRICHMENT:CVE-2024-32786HistoryMay 17, 2024 - 9:38 a.m.
CVE-2024-32786 WordPress Royal Elementor Addons and Templates plugin <= 1.3.93 - IP Bypass vulnerability
2024-05-1709:38:21
CWE-290
Patchstack
github.com
wordpress
royal elementor addons
ip bypass
spoofing
vulnerability
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows Functionality Bypass.This issue affects Royal Elementor Addons: from n/a through 1.3.93.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "royal-elementor-addons",
"product": "Royal Elementor Addons",
"vendor": "WP Royal",
"versions": [
{
"changes": [
{
"at": "1.3.95",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.93",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-32786
2024-05-17 10:15:10
wpexploit
wpexploit
Royal Elementor Addons < 1.3.95 - Unauthenticated IP Spoofing
2024-05-03 00:00:00
wpvulndb
wpvulndb
Royal Elementor Addons < 1.3.95 - Unauthenticated IP Spoofing
2024-05-03 00:00:00
nvd
nvd
CVE-2024-32786
2024-05-17 10:15:10
cvelist
cvelist
wordfence
wordfence
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
6.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for VULNRICHMENT:CVE-2024-32786