Unauthorized Access Vulnerability in Jupiter X Core Plugin for WordPress
CVE-2024-12033
4.3MEDIUM
What is CVE-2024-12033?
The Jupiter X Core plugin for WordPress is susceptible to unauthorized access due to a lack of capability checks in the sync_libraries() function. This vulnerability allows attackers with Subscriber-level privileges and above to sync libraries, potentially compromising site security through unauthorized actions. It affects all versions of the plugin up to and including 4.8.5.
Affected Version(s)
Jupiter X Core * <= 4.8.5