Authorization Flaw in VibeThemes WPLMS Plugin

CVE-2024-56048

What is CVE-2024-56048?

The VibeThemes WPLMS Plugin is susceptible to a missing authorization vulnerability, which permits users to access functionalities not properly restricted by Access Control Lists (ACLs). This flaw can lead to unauthorized actions being executed within the plugin, potentially compromising the site's security. Affected versions extend up to 1.9.9, necessitating prompt action to mitigate risks associated with unregulated access and ensure that proper authorizations are enforced.

References