///
CVE-2024-37444
9.8CRITICAL
What is CVE-2024-37444?
The Defender Security plugin from WPMU DEV has a missing authorization vulnerability that allows unauthorized access to functionality not properly constrained by Access Control Lists (ACLs). This vulnerability affects versions from n/a up to 4.7.1, potentially allowing attackers to exploit unregulated functionalities, compromising the security of WordPress sites.
Affected Version(s)
Defender Security <= 4.7.1