Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-22145

Published: 17/05/2024 Updated: 17/05/2024

Vulnerability Summary

Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege Escalation.This issue affects InstaWP Connect: from n/a up to and including 0.1.0.8.

Github Repositories

https://github.com/RandomRobbieBF/CVE-2024-22145

InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)

CVE-2024-22145 InstaWP Connect &lt;= 0108 - Missing Authorization to Arbitrary Options Update (Subscriber+) Description: The InstaWP Connect – 1-click WP Staging &amp; Migration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_management_settings function in all versions up to, and including,

References

https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cvehttps://nvd.nist.govhttps://github.com/RandomRobbieBF/CVE-2024-22145
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook