Missing Authorization vulnerability in UPQODE Whizzy
CVE-2024-30544
9.8CRITICAL
What is CVE-2024-30544?
A missing authorization vulnerability exists in the UPQODE Whizzy plugin, affecting all versions up to 1.1.18. This flaw allows unauthorized users to gain access to restricted functionalities, which could result in unauthorized data manipulation or exposure. Website owners using the Whizzy plugin should assess their security posture and ensure that they apply the necessary updates to mitigate potential exploitation risks. Effective controls and validation checks are crucial in preventing unauthorized access.
Affected Version(s)
Whizzy <= 1.1.18