Unauthorized Code Execution Vulnerability in Frontend Dashboard for WordPress
CVE-2024-8268
What is CVE-2024-8268?
The Frontend Dashboard plugin for WordPress is exposed to a vulnerability that allows unauthorized code execution due to a lack of proper filtering on callable methods and functions. This vulnerability affects all versions up to and including 2.2.4. Authenticated attackers, even those with only subscriber-level access, can exploit this flaw by invoking arbitrary functions, potentially leading to privilege escalation and unauthorized password changes for users. The risk posed by this vulnerability highlights the importance of keeping plugins updated and implementing strict access controls to maintain site security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Frontend Dashboard * <= 2.2.4
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved