Privilege Escalation Vulnerability Affects de:branding from n/a through 1.0.2
CVE-2024-52438

8.8HIGH

Key Information:

Vendor: WordPress
Status: De:branding
Vendor: CVE Published:; 20 November 2024

What is CVE-2024-52438?

The de:branding plugin by deco.Agency contains a vulnerability that allows unauthorized users to escalate their privileges. The missing authentication mechanism can be exploited to access critical functions, which could lead to unauthorized changes or access within the affected WordPress environment. This threat affects users of the de:branding plugin from its earlier versions up to 1.0.2, emphasizing the need for immediate updates and monitoring.

Affected Version(s)

de:branding 0 <= 1.0.2

References

https://patchstack.com/database/Wordpress/Plugin/debrandi...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2024

CVE-2024-52438 Data

JSON