History: Jul 31, 2024 - 6:00 a.m.

CVE-2024-6695 profile-builder <= 3.11.8 - Unauthenticated Privilege Escalation

2024-07-31 06:00:04
WPScan
github.com
4
cve-2024-6695
profile-builder
unauthenticated
privilege escalation
user registration logic flow

AI Score: 7
Confidence: Low

SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total

It’s possible for an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This is due to improper logic flow in the user registration process.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "User Profile Builder",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.11.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*"
    ],
    "vendor": "cozmoslabs",
    "product": "profile_builder",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.11.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
