How severe is CVE-2024-3828?

CVE-2024-3828 has a CVSS v3 score of 8.8 (HIGH).

CVE-2024-3828

8.8HIGH

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration

Publicado: 5/14/2024Atualizado: 11/21/2024

Descrição

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated attackers, with author-level access and above, to create administrator-level accounts.

Análise IADesenvolvido por IA

Referências

https://wpspectra.com/whats-new/
https://www.wordfence.com/threat-intel/vulnerabilities/id/e23e7d66-4b57-4feb-bf77-46238bc6ce7c?source=cve
https://wpspectra.com/whats-new/
https://www.wordfence.com/threat-intel/vulnerabilities/id/e23e7d66-4b57-4feb-bf77-46238bc6ce7c?source=cve