Privilege Escalation Vulnerability in SSL Wireless SMS Notification
CVE-2024-56220

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: Ssl Wireless Sms Notification
Vendor: CVE Published:; 31 December 2024

What is CVE-2024-56220?

An incorrect privilege assignment vulnerability has been identified in SSL Wireless SMS Notification. This issue allows for privilege escalation, potentially enabling unauthorized actions by users with insufficient permissions. Affected versions include all releases leading up to 3.5.0. Users are advised to review their configurations and apply necessary updates to mitigate potential risks associated with this vulnerability.

Affected Version(s)

SSL Wireless SMS Notification <= 3.5.0

References

https://patchstack.com/database/wordpress/plugin/ssl-wire...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 18, 2024

Credit

Bonds (Patchstack Alliance)

WordPress

What is CVE-2024-56220?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit