Access Control Vulnerability in VW Automobile Lite
CVE-2024-56234

5.4MEDIUM

Key Information:

Vendor: WordPress
Status: Vw Automobile Lite
Vendor: CVE Published:; 31 December 2024

What is CVE-2024-56234?

A missing authorization vulnerability exists in VW Automobile Lite due to incorrectly configured access control security levels. Attackers may exploit this weakness, gaining unauthorized access to the system, potentially leading to unauthorized actions or data exposure. Website administrators using VW Automobile Lite should prioritize reviewing access control settings to ensure that proper security measures are implemented and maintained.

Affected Version(s)

VW Automobile Lite <= 2.1

References

https://patchstack.com/database/wordpress/theme/vw-automo...

vdb-entry

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 31, 2024
Vulnerability Reserved
Dec 18, 2024

Credit

Fariq Fadillah Gusti Insani (Patchstack Alliance)

WordPress

What is CVE-2024-56234?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit