Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-1844

Published: 20/03/2024 Updated: 20/03/2024

Vulnerability Summary

The RevivePress – Keep your Old Content Evergreen plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the import_data and copy_data functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with subscriber-level access or higher, to overwrite plugin settings and view them.

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/63ecb518-50d6-49ad-92e4-c5a7494ced82?source=cvehttps://plugins.trac.wordpress.org/browser/wp-auto-republish/trunk/includes/Tools/Database.php#L161https://plugins.trac.wordpress.org/browser/wp-auto-republish/trunk/includes/Tools/Database.php#L148https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook