Missing Authorization Issue in Webful Creations Computer Repair Shop
CVE-2024-56061

8.8HIGH

Key Information:

Vendor: WordPress
Status: Computer Repair Shop
Vendor: CVE Published:; 31 December 2024

Summary

A missing authorization vulnerability in the Webful Creations Computer Repair Shop application allows attackers to escalate their privileges, potentially gaining unauthorized access to sensitive functionalities and data. This security flaw affects multiple versions, specifically from an unspecified version up to 3.8119, compromising the integrity and security of the application.

Affected Version(s)

Computer Repair Shop <= 3.8119

References

https://patchstack.com/database/wordpress/plugin/computer...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 14, 2024

Credit

SOPROBRO (Patchstack Alliance)