How severe is CVE-2021-24602?

CVE-2021-24602 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-24602

Name: hm_multiple_roles
Author: hmplugin

8.8HIGH

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

게시됨: 8/23/2021업데이트됨: 11/21/2024

설명

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

AI 분석AI 기반

영향받는 제품

hmpluginhm_multiple_roles

참조

https://jetpack.com/2021/08/05/privilege-escalation-in-hm-multiple-roles-wordpress-plugin/
ExploitThird Party Advisory
https://wpscan.com/vulnerability/5fd2548a-08de-4417-bff1-f174dab718d5
Third Party Advisory
https://jetpack.com/2021/08/05/privilege-escalation-in-hm-multiple-roles-wordpress-plugin/
ExploitThird Party Advisory
https://wpscan.com/vulnerability/5fd2548a-08de-4417-bff1-f174dab718d5
Third Party Advisory