Common Weakness Enumeration

CWE-862

Allowed-with-Review

Missing Authorization

Abstraction: Class · Status: Incomplete

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

14602 vulnerabilities reference this CWE, most recent first.

CVE-2024-4010 (GCVE-0-2024-4010)

Vulnerability from cvelistv5 – Published: 2024-05-15 08:34 – Updated: 2026-04-08 16:41
VLAI
Title
Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request
Summary
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handle_ajax_request function in all versions up to, and including, 5.7.19. This makes it possible for authenticated attackers, with subscriber-level access and above, to cause a loss of confidentiality, integrity, and availability, by performing multiple unauthorized actions. Some of these actions could also be leveraged to conduct PHP Object Injection and SQL Injection attacks.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
icegram Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Affected: 0 , ≤ 5.7.19 (semver)
Create a notification for this product.
icegram email_subscribers_\&_newsletters Affected: 0 , ≤ 5.7.19 (custom)
    cpe:2.3:a:icegram:email_subscribers_\&_newsletters:-:*:*:*:*:wordpress:*:*
Create a notification for this product.
Credits
Arkadiusz Hydzik
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:icegram:email_subscribers_\\\u0026_newsletters:-:*:*:*:*:wordpress:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "email_subscribers_\\\u0026_newsletters",
            "vendor": "icegram",
            "versions": [
              {
                "lessThanOrEqual": "5.7.19",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4010",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-10T20:29:25.253735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-01T18:32:27.132Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.257Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23bfcdd1-b99d-47eb-9f88-96f9ecc53b32?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/3083762/email-subscribers"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Email Subscribers \u0026 Newsletters \u2013 Email Marketing, Post Notifications \u0026 Newsletter Plugin for WordPress",
          "vendor": "icegram",
          "versions": [
            {
              "lessThanOrEqual": "5.7.19",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Arkadiusz Hydzik"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handle_ajax_request function in all versions up to, and including, 5.7.19. This makes it possible for authenticated attackers, with subscriber-level access and above, to cause a loss of confidentiality, integrity, and availability, by performing multiple unauthorized actions. Some of these actions could also be leveraged to conduct PHP Object Injection and SQL Injection attacks."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:41:59.939Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23bfcdd1-b99d-47eb-9f88-96f9ecc53b32?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3083762/email-subscribers"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-19T00:00:00.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2024-05-14T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Email Subscribers by Icegram Express \u003c= 5.7.19 - Missing Authorization in handle_ajax_request"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-4010",
    "datePublished": "2024-05-15T08:34:12.914Z",
    "dateReserved": "2024-04-19T17:18:27.684Z",
    "dateUpdated": "2026-04-08T16:41:59.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3976 (GCVE-0-2024-3976)

Vulnerability from cvelistv5 – Published: 2025-02-05 12:02 – Updated: 2025-02-05 20:12
VLAI
Title
Missing Authorization in GitLab
Summary
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to unauthorised instance users.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://gitlab.com/gitlab-org/gitlab/-/issues/457140 issue-trackingpermissions-required
https://hackerone.com/reports/2470939 technical-descriptionexploitpermissions-required
https://about.gitlab.com/releases/2024/05/08/patc… release-notes
Impacted products
Vendor Product Version
GitLab GitLab Affected: 14.0 , < 16.9.7 (semver)
Affected: 16.10 , < 16.10.5 (semver)
Affected: 16.11 , < 16.11.2 (semver)
    cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Thanks [ahacker1](https://hackerone.com/ahacker1) for reporting this vulnerability through our HackerOne bug bounty program
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3976",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T14:04:52.021207Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:12:12.955Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "release-notes"
            ],
            "url": "https://about.gitlab.com/releases/2024/05/08/patch-release-gitlab-16-11-2-released/"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "GitLab",
          "repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
          "vendor": "GitLab",
          "versions": [
            {
              "lessThan": "16.9.7",
              "status": "affected",
              "version": "14.0",
              "versionType": "semver"
            },
            {
              "lessThan": "16.10.5",
              "status": "affected",
              "version": "16.10",
              "versionType": "semver"
            },
            {
              "lessThan": "16.11.2",
              "status": "affected",
              "version": "16.11",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks [ahacker1](https://hackerone.com/ahacker1) for reporting this vulnerability through our HackerOne bug bounty program"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to unauthorised instance users."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862: Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-05T12:02:27.929Z",
        "orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
        "shortName": "GitLab"
      },
      "references": [
        {
          "name": "GitLab Issue #457140",
          "tags": [
            "issue-tracking",
            "permissions-required"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/457140"
        },
        {
          "name": "HackerOne Bug Bounty Report #2470939",
          "tags": [
            "technical-description",
            "exploit",
            "permissions-required"
          ],
          "url": "https://hackerone.com/reports/2470939"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above."
        }
      ],
      "title": "Missing Authorization in GitLab"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
    "assignerShortName": "GitLab",
    "cveId": "CVE-2024-3976",
    "datePublished": "2025-02-05T12:02:27.929Z",
    "dateReserved": "2024-04-19T08:02:17.288Z",
    "dateUpdated": "2025-02-05T20:12:12.955Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3961 (GCVE-0-2024-3961)

Vulnerability from cvelistv5 – Published: 2024-06-21 03:49 – Updated: 2026-04-08 17:02
VLAI
Title
ConvertKit <= 2.4.9 - Missing Authorization
Summary
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to subscribe users to tags. Financial damages may occur to site owners if their API quota is exceeded.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
convertkit Kit (formerly ConvertKit) – Email Newsletter, Email Marketing, Membership, Subscribers and Landing Pages Affected: 0 , ≤ 2.4.9 (semver)
Create a notification for this product.
convertkit convertkit_-_email_marketing\,_email_newsletter_and_landing_pages Affected: 0 , ≤ 2.4.9 (custom)
    cpe:2.3:a:convertkit:convertkit_-_email_marketing\,_email_newsletter_and_landing_pages:-:*:*:*:*:wordpress:*:*
Create a notification for this product.
Credits
AmrAwad
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:convertkit:convertkit_-_email_marketing\\,_email_newsletter_and_landing_pages:-:*:*:*:*:wordpress:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "convertkit_-_email_marketing\\,_email_newsletter_and_landing_pages",
            "vendor": "convertkit",
            "versions": [
              {
                "lessThanOrEqual": "2.4.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3961",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-27T18:10:14.495758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-01T18:33:30.159Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.176Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79d828b8-aea2-4705-ae23-ac70133a6c3e?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3104932%40convertkit%2Ftrunk\u0026old=3085997%40convertkit%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Kit (formerly ConvertKit) \u2013 Email Newsletter, Email Marketing, Membership, Subscribers and Landing Pages",
          "vendor": "convertkit",
          "versions": [
            {
              "lessThanOrEqual": "2.4.9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "AmrAwad"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The ConvertKit \u2013 Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to subscribe users to tags. Financial damages may occur to site owners if their API quota is exceeded."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:02:13.778Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/79d828b8-aea2-4705-ae23-ac70133a6c3e?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3104932%40convertkit%2Ftrunk\u0026old=3085997%40convertkit%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-20T15:27:19.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "ConvertKit \u003c= 2.4.9 - Missing Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3961",
    "datePublished": "2024-06-21T03:49:00.260Z",
    "dateReserved": "2024-04-18T16:42:54.586Z",
    "dateUpdated": "2026-04-08T17:02:13.778Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3942 (GCVE-0-2024-3942)

Vulnerability from cvelistv5 – Published: 2024-05-02 16:52 – Updated: 2026-04-08 16:57
VLAI
Title
MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.3.8 - Missing Authorization
Summary
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on several functions in versions up to, and including, 3.3.8. This makes it possible for authenticated attackers, with subscriber level permissions and above, to read and modify content such as course questions, post titles, and taxonomies.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Credits
Lucio Sá
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3942",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-17T16:01:54.618384Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T16:02:05.835Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64eb3d67-7056-4a03-ba3b-a04c2e96648d?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/3078394/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education",
          "vendor": "stylemix",
          "versions": [
            {
              "lessThanOrEqual": "3.3.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucio S\u00e1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on several functions in versions up to, and including, 3.3.8. This makes it possible for authenticated attackers, with subscriber level permissions and above, to read and modify content such as course questions, post titles, and taxonomies."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:57:40.453Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/64eb3d67-7056-4a03-ba3b-a04c2e96648d?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3078394/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-29T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education \u003c= 3.3.8 - Missing Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3942",
    "datePublished": "2024-05-02T16:52:11.285Z",
    "dateReserved": "2024-04-17T22:36:21.536Z",
    "dateUpdated": "2026-04-08T16:57:40.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3936 (GCVE-0-2024-3936)

Vulnerability from cvelistv5 – Published: 2024-05-02 16:52 – Updated: 2026-04-08 17:33
VLAI
Title
The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid <= 7.6.1 - Missing Authorization
Summary
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtTPGSaveSettings function in all versions up to, and including, 7.6.1. This makes it possible for authenticated attackers, with subscriber access or higher, to change the plugin's settings and invoke other functions hooked by AJAX actions.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
techlabpro1 The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid Affected: 0 , ≤ 7.6.1 (semver)
Create a notification for this product.
wordpress post_grid_shortcode_gutenberg_blocks_elementor Affected: - , ≤ 7.6.1 (custom)
    cpe:2.3:a:wordpress:post_grid_shortcode_gutenberg_blocks_elementor:-:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Pavel Palii
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:wordpress:post_grid_shortcode_gutenberg_blocks_elementor:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "post_grid_shortcode_gutenberg_blocks_elementor",
            "vendor": "wordpress",
            "versions": [
              {
                "lessThanOrEqual": "7.6.1",
                "status": "affected",
                "version": "-",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3936",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-02T17:44:37.790013Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:32:42.954Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4ef2ced-3c82-4379-8b14-1cf11482fd35?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/browser/the-post-grid/trunk/app/Controllers/AjaxController.php#L130"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3078599%40the-post-grid%2Ftrunk\u0026old=3061874%40the-post-grid%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "The Post Grid \u2013 Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid",
          "vendor": "techlabpro1",
          "versions": [
            {
              "lessThanOrEqual": "7.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Pavel Palii"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The The Post Grid \u2013 Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtTPGSaveSettings function in all versions up to, and including, 7.6.1. This makes it possible for authenticated attackers, with subscriber access or higher, to change the plugin\u0027s settings and invoke other functions hooked by AJAX actions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:33:13.982Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f4ef2ced-3c82-4379-8b14-1cf11482fd35?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/the-post-grid/trunk/app/Controllers/AjaxController.php#L130"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3078599%40the-post-grid%2Ftrunk\u0026old=3061874%40the-post-grid%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-30T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "The Post Grid \u2013 Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid \u003c= 7.6.1 - Missing Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3936",
    "datePublished": "2024-05-02T16:52:51.888Z",
    "dateReserved": "2024-04-17T17:28:06.979Z",
    "dateUpdated": "2026-04-08T17:33:13.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3932 (GCVE-0-2024-3932)

Vulnerability from cvelistv5 – Published: 2024-04-18 00:00 – Updated: 2025-06-11 13:59
VLAI
Title
Totara LMS User Selector cross-site request forgery
Summary
A vulnerability classified as problematic has been found in Totara LMS up to 18.7. This affects an unknown part of the component User Selector. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 13.46, 14.38, 15.33, 16.27, 17.21 and 18.8 is able to address this issue. It is recommended to upgrade the affected component.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-352 - Cross-Site Request Forgery
  • CWE-862 - Missing Authorization
Assigner
References
URL Tags
https://vuldb.com/?id.261369 vdb-entrytechnical-description
https://vuldb.com/?ctiid.261369 signaturepermissions-required
https://vuldb.com/?submit.314381 third-party-advisory
https://totara.community/mod/forum/discuss.php?d=27644 related
Impacted products
Vendor Product Version
Totara LMS Affected: 13.0
Affected: 13.1
Affected: 13.2
Affected: 13.3
Affected: 13.4
Affected: 13.5
Affected: 13.6
Affected: 13.7
Affected: 13.8
Affected: 13.9
Affected: 13.10
Affected: 13.11
Affected: 13.12
Affected: 13.13
Affected: 13.14
Affected: 13.15
Affected: 13.16
Affected: 13.17
Affected: 13.18
Affected: 13.19
Affected: 13.20
Affected: 13.21
Affected: 13.22
Affected: 13.23
Affected: 13.24
Affected: 13.25
Affected: 13.26
Affected: 13.27
Affected: 13.28
Affected: 13.29
Affected: 13.30
Affected: 13.31
Affected: 13.32
Affected: 13.33
Affected: 13.34
Affected: 13.35
Affected: 13.36
Affected: 13.37
Affected: 13.38
Affected: 13.39
Affected: 13.40
Affected: 13.41
Affected: 13.42
Affected: 13.43
Affected: 13.44
Affected: 13.45
Affected: 14.0
Affected: 14.1
Affected: 14.2
Affected: 14.3
Affected: 14.4
Affected: 14.5
Affected: 14.6
Affected: 14.7
Affected: 14.8
Affected: 14.9
Affected: 14.10
Affected: 14.11
Affected: 14.12
Affected: 14.13
Affected: 14.14
Affected: 14.15
Affected: 14.16
Affected: 14.17
Affected: 14.18
Affected: 14.19
Affected: 14.20
Affected: 14.21
Affected: 14.22
Affected: 14.23
Affected: 14.24
Affected: 14.25
Affected: 14.26
Affected: 14.27
Affected: 14.28
Affected: 14.29
Affected: 14.30
Affected: 14.31
Affected: 14.32
Affected: 14.33
Affected: 14.34
Affected: 14.35
Affected: 14.36
Affected: 14.37
Affected: 15.0
Affected: 15.1
Affected: 15.2
Affected: 15.3
Affected: 15.4
Affected: 15.5
Affected: 15.6
Affected: 15.7
Affected: 15.8
Affected: 15.9
Affected: 15.10
Affected: 15.11
Affected: 15.12
Affected: 15.13
Affected: 15.14
Affected: 15.15
Affected: 15.16
Affected: 15.17
Affected: 15.18
Affected: 15.19
Affected: 15.20
Affected: 15.21
Affected: 15.22
Affected: 15.23
Affected: 15.24
Affected: 15.25
Affected: 15.26
Affected: 15.27
Affected: 15.28
Affected: 15.29
Affected: 15.30
Affected: 15.31
Affected: 15.32
Affected: 16.0
Affected: 16.1
Affected: 16.2
Affected: 16.3
Affected: 16.4
Affected: 16.5
Affected: 16.6
Affected: 16.7
Affected: 16.8
Affected: 16.9
Affected: 16.10
Affected: 16.11
Affected: 16.12
Affected: 16.13
Affected: 16.14
Affected: 16.15
Affected: 16.16
Affected: 16.17
Affected: 16.18
Affected: 16.19
Affected: 16.20
Affected: 16.21
Affected: 16.22
Affected: 16.23
Affected: 16.24
Affected: 16.25
Affected: 16.26
Affected: 17.0
Affected: 17.1
Affected: 17.2
Affected: 17.3
Affected: 17.4
Affected: 17.5
Affected: 17.6
Affected: 17.7
Affected: 17.8
Affected: 17.9
Affected: 17.10
Affected: 17.11
Affected: 17.12
Affected: 17.13
Affected: 17.14
Affected: 17.15
Affected: 17.16
Affected: 17.17
Affected: 17.18
Affected: 17.19
Affected: 17.20
Affected: 18.0
Affected: 18.1
Affected: 18.2
Affected: 18.3
Affected: 18.4
Affected: 18.5
Affected: 18.6
Affected: 18.7
Unaffected: 13.46
Unaffected: 14.38
Unaffected: 15.33
Unaffected: 16.27
Unaffected: 17.21
Unaffected: 18.8
Create a notification for this product.
totara enterprise_lms Affected: 0 , ≤ 18.0.1 Build 20231128.01 (custom)
    cpe:2.3:a:totara:enterprise_lms:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:totara:enterprise_lms:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "enterprise_lms",
            "vendor": "totara",
            "versions": [
              {
                "lessThanOrEqual": "18.0.1 Build 20231128.01",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3932",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-22T18:59:52.785734Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T19:45:28.429Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.195Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VDB-261369 | Totara LMS cross-site request forgery",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?id.261369"
          },
          {
            "name": "VDB-261369 | CTI Indicators (IOB, IOC)",
            "tags": [
              "signature",
              "permissions-required",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?ctiid.261369"
          },
          {
            "name": "Submit #314381 | Totara Totara LMS Totara 18.0.1 (Build: 20231128.01) Privileges Scalation",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://vuldb.com/?submit.314381"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "User Selector"
          ],
          "product": "LMS",
          "vendor": "Totara",
          "versions": [
            {
              "status": "affected",
              "version": "13.0"
            },
            {
              "status": "affected",
              "version": "13.1"
            },
            {
              "status": "affected",
              "version": "13.2"
            },
            {
              "status": "affected",
              "version": "13.3"
            },
            {
              "status": "affected",
              "version": "13.4"
            },
            {
              "status": "affected",
              "version": "13.5"
            },
            {
              "status": "affected",
              "version": "13.6"
            },
            {
              "status": "affected",
              "version": "13.7"
            },
            {
              "status": "affected",
              "version": "13.8"
            },
            {
              "status": "affected",
              "version": "13.9"
            },
            {
              "status": "affected",
              "version": "13.10"
            },
            {
              "status": "affected",
              "version": "13.11"
            },
            {
              "status": "affected",
              "version": "13.12"
            },
            {
              "status": "affected",
              "version": "13.13"
            },
            {
              "status": "affected",
              "version": "13.14"
            },
            {
              "status": "affected",
              "version": "13.15"
            },
            {
              "status": "affected",
              "version": "13.16"
            },
            {
              "status": "affected",
              "version": "13.17"
            },
            {
              "status": "affected",
              "version": "13.18"
            },
            {
              "status": "affected",
              "version": "13.19"
            },
            {
              "status": "affected",
              "version": "13.20"
            },
            {
              "status": "affected",
              "version": "13.21"
            },
            {
              "status": "affected",
              "version": "13.22"
            },
            {
              "status": "affected",
              "version": "13.23"
            },
            {
              "status": "affected",
              "version": "13.24"
            },
            {
              "status": "affected",
              "version": "13.25"
            },
            {
              "status": "affected",
              "version": "13.26"
            },
            {
              "status": "affected",
              "version": "13.27"
            },
            {
              "status": "affected",
              "version": "13.28"
            },
            {
              "status": "affected",
              "version": "13.29"
            },
            {
              "status": "affected",
              "version": "13.30"
            },
            {
              "status": "affected",
              "version": "13.31"
            },
            {
              "status": "affected",
              "version": "13.32"
            },
            {
              "status": "affected",
              "version": "13.33"
            },
            {
              "status": "affected",
              "version": "13.34"
            },
            {
              "status": "affected",
              "version": "13.35"
            },
            {
              "status": "affected",
              "version": "13.36"
            },
            {
              "status": "affected",
              "version": "13.37"
            },
            {
              "status": "affected",
              "version": "13.38"
            },
            {
              "status": "affected",
              "version": "13.39"
            },
            {
              "status": "affected",
              "version": "13.40"
            },
            {
              "status": "affected",
              "version": "13.41"
            },
            {
              "status": "affected",
              "version": "13.42"
            },
            {
              "status": "affected",
              "version": "13.43"
            },
            {
              "status": "affected",
              "version": "13.44"
            },
            {
              "status": "affected",
              "version": "13.45"
            },
            {
              "status": "affected",
              "version": "14.0"
            },
            {
              "status": "affected",
              "version": "14.1"
            },
            {
              "status": "affected",
              "version": "14.2"
            },
            {
              "status": "affected",
              "version": "14.3"
            },
            {
              "status": "affected",
              "version": "14.4"
            },
            {
              "status": "affected",
              "version": "14.5"
            },
            {
              "status": "affected",
              "version": "14.6"
            },
            {
              "status": "affected",
              "version": "14.7"
            },
            {
              "status": "affected",
              "version": "14.8"
            },
            {
              "status": "affected",
              "version": "14.9"
            },
            {
              "status": "affected",
              "version": "14.10"
            },
            {
              "status": "affected",
              "version": "14.11"
            },
            {
              "status": "affected",
              "version": "14.12"
            },
            {
              "status": "affected",
              "version": "14.13"
            },
            {
              "status": "affected",
              "version": "14.14"
            },
            {
              "status": "affected",
              "version": "14.15"
            },
            {
              "status": "affected",
              "version": "14.16"
            },
            {
              "status": "affected",
              "version": "14.17"
            },
            {
              "status": "affected",
              "version": "14.18"
            },
            {
              "status": "affected",
              "version": "14.19"
            },
            {
              "status": "affected",
              "version": "14.20"
            },
            {
              "status": "affected",
              "version": "14.21"
            },
            {
              "status": "affected",
              "version": "14.22"
            },
            {
              "status": "affected",
              "version": "14.23"
            },
            {
              "status": "affected",
              "version": "14.24"
            },
            {
              "status": "affected",
              "version": "14.25"
            },
            {
              "status": "affected",
              "version": "14.26"
            },
            {
              "status": "affected",
              "version": "14.27"
            },
            {
              "status": "affected",
              "version": "14.28"
            },
            {
              "status": "affected",
              "version": "14.29"
            },
            {
              "status": "affected",
              "version": "14.30"
            },
            {
              "status": "affected",
              "version": "14.31"
            },
            {
              "status": "affected",
              "version": "14.32"
            },
            {
              "status": "affected",
              "version": "14.33"
            },
            {
              "status": "affected",
              "version": "14.34"
            },
            {
              "status": "affected",
              "version": "14.35"
            },
            {
              "status": "affected",
              "version": "14.36"
            },
            {
              "status": "affected",
              "version": "14.37"
            },
            {
              "status": "affected",
              "version": "15.0"
            },
            {
              "status": "affected",
              "version": "15.1"
            },
            {
              "status": "affected",
              "version": "15.2"
            },
            {
              "status": "affected",
              "version": "15.3"
            },
            {
              "status": "affected",
              "version": "15.4"
            },
            {
              "status": "affected",
              "version": "15.5"
            },
            {
              "status": "affected",
              "version": "15.6"
            },
            {
              "status": "affected",
              "version": "15.7"
            },
            {
              "status": "affected",
              "version": "15.8"
            },
            {
              "status": "affected",
              "version": "15.9"
            },
            {
              "status": "affected",
              "version": "15.10"
            },
            {
              "status": "affected",
              "version": "15.11"
            },
            {
              "status": "affected",
              "version": "15.12"
            },
            {
              "status": "affected",
              "version": "15.13"
            },
            {
              "status": "affected",
              "version": "15.14"
            },
            {
              "status": "affected",
              "version": "15.15"
            },
            {
              "status": "affected",
              "version": "15.16"
            },
            {
              "status": "affected",
              "version": "15.17"
            },
            {
              "status": "affected",
              "version": "15.18"
            },
            {
              "status": "affected",
              "version": "15.19"
            },
            {
              "status": "affected",
              "version": "15.20"
            },
            {
              "status": "affected",
              "version": "15.21"
            },
            {
              "status": "affected",
              "version": "15.22"
            },
            {
              "status": "affected",
              "version": "15.23"
            },
            {
              "status": "affected",
              "version": "15.24"
            },
            {
              "status": "affected",
              "version": "15.25"
            },
            {
              "status": "affected",
              "version": "15.26"
            },
            {
              "status": "affected",
              "version": "15.27"
            },
            {
              "status": "affected",
              "version": "15.28"
            },
            {
              "status": "affected",
              "version": "15.29"
            },
            {
              "status": "affected",
              "version": "15.30"
            },
            {
              "status": "affected",
              "version": "15.31"
            },
            {
              "status": "affected",
              "version": "15.32"
            },
            {
              "status": "affected",
              "version": "16.0"
            },
            {
              "status": "affected",
              "version": "16.1"
            },
            {
              "status": "affected",
              "version": "16.2"
            },
            {
              "status": "affected",
              "version": "16.3"
            },
            {
              "status": "affected",
              "version": "16.4"
            },
            {
              "status": "affected",
              "version": "16.5"
            },
            {
              "status": "affected",
              "version": "16.6"
            },
            {
              "status": "affected",
              "version": "16.7"
            },
            {
              "status": "affected",
              "version": "16.8"
            },
            {
              "status": "affected",
              "version": "16.9"
            },
            {
              "status": "affected",
              "version": "16.10"
            },
            {
              "status": "affected",
              "version": "16.11"
            },
            {
              "status": "affected",
              "version": "16.12"
            },
            {
              "status": "affected",
              "version": "16.13"
            },
            {
              "status": "affected",
              "version": "16.14"
            },
            {
              "status": "affected",
              "version": "16.15"
            },
            {
              "status": "affected",
              "version": "16.16"
            },
            {
              "status": "affected",
              "version": "16.17"
            },
            {
              "status": "affected",
              "version": "16.18"
            },
            {
              "status": "affected",
              "version": "16.19"
            },
            {
              "status": "affected",
              "version": "16.20"
            },
            {
              "status": "affected",
              "version": "16.21"
            },
            {
              "status": "affected",
              "version": "16.22"
            },
            {
              "status": "affected",
              "version": "16.23"
            },
            {
              "status": "affected",
              "version": "16.24"
            },
            {
              "status": "affected",
              "version": "16.25"
            },
            {
              "status": "affected",
              "version": "16.26"
            },
            {
              "status": "affected",
              "version": "17.0"
            },
            {
              "status": "affected",
              "version": "17.1"
            },
            {
              "status": "affected",
              "version": "17.2"
            },
            {
              "status": "affected",
              "version": "17.3"
            },
            {
              "status": "affected",
              "version": "17.4"
            },
            {
              "status": "affected",
              "version": "17.5"
            },
            {
              "status": "affected",
              "version": "17.6"
            },
            {
              "status": "affected",
              "version": "17.7"
            },
            {
              "status": "affected",
              "version": "17.8"
            },
            {
              "status": "affected",
              "version": "17.9"
            },
            {
              "status": "affected",
              "version": "17.10"
            },
            {
              "status": "affected",
              "version": "17.11"
            },
            {
              "status": "affected",
              "version": "17.12"
            },
            {
              "status": "affected",
              "version": "17.13"
            },
            {
              "status": "affected",
              "version": "17.14"
            },
            {
              "status": "affected",
              "version": "17.15"
            },
            {
              "status": "affected",
              "version": "17.16"
            },
            {
              "status": "affected",
              "version": "17.17"
            },
            {
              "status": "affected",
              "version": "17.18"
            },
            {
              "status": "affected",
              "version": "17.19"
            },
            {
              "status": "affected",
              "version": "17.20"
            },
            {
              "status": "affected",
              "version": "18.0"
            },
            {
              "status": "affected",
              "version": "18.1"
            },
            {
              "status": "affected",
              "version": "18.2"
            },
            {
              "status": "affected",
              "version": "18.3"
            },
            {
              "status": "affected",
              "version": "18.4"
            },
            {
              "status": "affected",
              "version": "18.5"
            },
            {
              "status": "affected",
              "version": "18.6"
            },
            {
              "status": "affected",
              "version": "18.7"
            },
            {
              "status": "unaffected",
              "version": "13.46"
            },
            {
              "status": "unaffected",
              "version": "14.38"
            },
            {
              "status": "unaffected",
              "version": "15.33"
            },
            {
              "status": "unaffected",
              "version": "16.27"
            },
            {
              "status": "unaffected",
              "version": "17.21"
            },
            {
              "status": "unaffected",
              "version": "18.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as problematic has been found in Totara LMS up to 18.7. This affects an unknown part of the component User Selector. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 13.46, 14.38, 15.33, 16.27, 17.21 and 18.8 is able to address this issue. It is recommended to upgrade the affected component."
        },
        {
          "lang": "de",
          "value": "Es wurde eine Schwachstelle in Totara LMS bis 18.7 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente User Selector. Durch das Beeinflussen mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 13.46, 14.38, 15.33, 16.27, 17.21 and 18.8 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "Cross-Site Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-11T13:59:27.426Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-261369 | Totara LMS User Selector cross-site request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.261369"
        },
        {
          "name": "VDB-261369 | CTI Indicators (IOB, IOC)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.261369"
        },
        {
          "name": "Submit #314381 | Totara Totara LMS Totara 18.0.1 (Build: 20231128.01) Privileges Scalation",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.314381"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://totara.community/mod/forum/discuss.php?d=27644"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-17T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-04-17T00:00:00.000Z",
          "value": "CVE reserved"
        },
        {
          "lang": "en",
          "time": "2024-04-17T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-06-11T16:04:14.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Totara LMS User Selector cross-site request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-3932",
    "datePublished": "2024-04-18T00:00:06.007Z",
    "dateReserved": "2024-04-17T16:57:38.876Z",
    "dateUpdated": "2025-06-11T13:59:27.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3915 (GCVE-0-2024-3915)

Vulnerability from cvelistv5 – Published: 2024-05-09 20:03 – Updated: 2026-04-08 17:04
VLAI
Title
Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update
Summary
The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sf_edit_directory_item() function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary posts with arbitrary content. Unfortunately, we did not receive a response from the vendor to send over the vulnerability details.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Swift Ideas Swift Framework Affected: 0 , ≤ 2.7.31 (semver)
Create a notification for this product.
swift_ideas swift_framework Affected: 0 , ≤ 2.7.31 (semver)
    cpe:2.3:a:swift_ideas:swift_framework:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Francesco Carlucci
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:swift_ideas:swift_framework:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "swift_framework",
            "vendor": "swift_ideas",
            "versions": [
              {
                "lessThanOrEqual": "2.7.31",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3915",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T18:58:27.303872Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T19:44:19.700Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:56.925Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/855055d5-362e-4a92-9e9d-97eab328dcc3?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://swiftideas.com/swift-framework/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Swift Framework",
          "vendor": "Swift Ideas",
          "versions": [
            {
              "lessThanOrEqual": "2.7.31",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Francesco Carlucci"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Swift Framework plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sf_edit_directory_item() function in all versions up to, and including, 2.7.31. This makes it possible for unauthenticated attackers to update arbitrary posts with arbitrary content. Unfortunately, we did not receive a response from the vendor to send over the vulnerability details."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:04:34.408Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/855055d5-362e-4a92-9e9d-97eab328dcc3?source=cve"
        },
        {
          "url": "https://swiftideas.com/swift-framework/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-03T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Swift Framework \u003c= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3915",
    "datePublished": "2024-05-09T20:03:32.468Z",
    "dateReserved": "2024-04-17T13:26:55.185Z",
    "dateUpdated": "2026-04-08T17:04:34.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3897 (GCVE-0-2024-3897)

Vulnerability from cvelistv5 – Published: 2024-05-02 16:52 – Updated: 2026-04-08 17:30
VLAI
Title
Popup Box – Best WordPress Popup Plugin <= 4.3.6 - Missing Authorization to Information Exposure
Summary
The Popup Box – Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_pb_create_author AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all emails registered on the website.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
ays-pro Popup Box – Create Countdown, Coupon, Video, Contact Form Popups Affected: 0 , ≤ 4.3.6 (semver)
Create a notification for this product.
ays-pro popup_box Affected: 0 , ≤ 4.3.6 (custom)
    cpe:2.3:a:ays-pro:popup_box:*:*:*:*:*:wordpress:*:*
Create a notification for this product.
Credits
Krzysztof Zając
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:ays-pro:popup_box:*:*:*:*:*:wordpress:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "popup_box",
            "vendor": "ays-pro",
            "versions": [
              {
                "lessThanOrEqual": "4.3.6",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3897",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T20:05:35.716758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T17:20:39.091Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.125Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e71e3624-ccda-4c9c-90e9-e557dd19b644?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/3073593/ays-popup-box/tags/4.3.7/admin/class-ays-pb-admin.php?old=3072088\u0026old_path=ays-popup-box%2Ftags%2F4.3.6%2Fadmin%2Fclass-ays-pb-admin.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Popup Box \u2013 Create Countdown, Coupon, Video, Contact Form Popups",
          "vendor": "ays-pro",
          "versions": [
            {
              "lessThanOrEqual": "4.3.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Krzysztof Zaj\u0105c"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Popup Box \u2013 Best WordPress Popup Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_pb_create_author AJAX action in all versions up to, and including, 4.3.6. This makes it possible for unauthenticated attackers to enumerate all emails registered on the website."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:30:18.726Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e71e3624-ccda-4c9c-90e9-e557dd19b644?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3073593/ays-popup-box/tags/4.3.7/admin/class-ays-pb-admin.php?old=3072088\u0026old_path=ays-popup-box%2Ftags%2F4.3.6%2Fadmin%2Fclass-ays-pb-admin.php"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-24T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Popup Box \u2013 Best WordPress Popup Plugin \u003c= 4.3.6 - Missing Authorization to Information Exposure"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3897",
    "datePublished": "2024-05-02T16:52:48.240Z",
    "dateReserved": "2024-04-16T19:29:15.548Z",
    "dateUpdated": "2026-04-08T17:30:18.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3895 (GCVE-0-2024-3895)

Vulnerability from cvelistv5 – Published: 2024-05-02 16:52 – Updated: 2026-04-08 16:49
VLAI
Title
WP Datepicker <= 2.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
Summary
The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options that can be used for privilege escalation. This was partially patched in 2.0.9 and 2.1.0, and fully patched in 2.1.1.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
fahadmahmood WP Datepicker Affected: 0 , ≤ 2.1.0 (semver)
Create a notification for this product.
Credits
Lucio Sá
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3895",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-02T20:21:51.106338Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:30:58.478Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.035Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45a42f20-a4d7-4c8e-a144-505a6723a2a0?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/3073525/wp-datepicker/trunk/inc/functions_inner.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3073221%40wp-datepicker\u0026new=3073221%40wp-datepicker\u0026sfp_email=\u0026sfph_mail="
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3071975%40wp-datepicker\u0026new=3071975%40wp-datepicker\u0026sfp_email=\u0026sfph_mail="
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "WP Datepicker",
          "vendor": "fahadmahmood",
          "versions": [
            {
              "lessThanOrEqual": "2.1.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucio S\u00e1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdp_add_new_datepicker_ajax() function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with  subscriber-level access and above, to update arbitrary options that can be used for privilege escalation. This was partially patched in 2.0.9 and 2.1.0, and fully patched in 2.1.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:49:36.477Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/45a42f20-a4d7-4c8e-a144-505a6723a2a0?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3073525/wp-datepicker/trunk/inc/functions_inner.php"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3073221%40wp-datepicker\u0026new=3073221%40wp-datepicker\u0026sfp_email=\u0026sfph_mail="
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3071975%40wp-datepicker\u0026new=3071975%40wp-datepicker\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-23T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "WP Datepicker \u003c= 2.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3895",
    "datePublished": "2024-05-02T16:52:01.083Z",
    "dateReserved": "2024-04-16T17:43:17.711Z",
    "dateUpdated": "2026-04-08T16:49:36.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-3893 (GCVE-0-2024-3893)

Vulnerability from cvelistv5 – Published: 2024-04-25 07:33 – Updated: 2026-04-08 17:30
VLAI
Title
Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion
Summary
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachements.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
techlabpro1 Classified Listing – AI-Powered Classified ads & Business Directory Plugin Affected: 0 , ≤ 3.0.10.3 (semver)
Create a notification for this product.
techlabpro1 classified_listing_plugin Affected: *
    cpe:2.3:a:techlabpro1:classified_listing_plugin:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Lucio Sá
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:techlabpro1:classified_listing_plugin:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "classified_listing_plugin",
            "vendor": "techlabpro1",
            "versions": [
              {
                "status": "affected",
                "version": "*"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3893",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T16:26:27.283994Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:31:45.354Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:26:57.110Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e7113b1c-78dc-4648-b14a-52ff6668fd1d?source=cve"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/3073754/classified-listing/trunk/app/Controllers/Ajax/FormBuilderAjax.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Classified Listing \u2013 AI-Powered Classified ads \u0026 Business Directory Plugin",
          "vendor": "techlabpro1",
          "versions": [
            {
              "lessThanOrEqual": "3.0.10.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lucio S\u00e1"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Classified Listing \u2013 Classified ads \u0026 Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachements."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T17:30:17.705Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e7113b1c-78dc-4648-b14a-52ff6668fd1d?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3073754/classified-listing/trunk/app/Controllers/Ajax/FormBuilderAjax.php"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-24T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Classified Listing \u2013 Classified ads \u0026 Business Directory Plugin \u003c= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2024-3893",
    "datePublished": "2024-04-25T07:33:59.902Z",
    "dateReserved": "2024-04-16T17:36:20.477Z",
    "dateUpdated": "2026-04-08T17:30:17.705Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design
  • Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
  • Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Architecture and Design

Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Mitigation MIT-4.4
Architecture and Design

Strategy: Libraries or Frameworks

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Architecture and Design
  • For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
  • One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
System Configuration Installation

Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.