CVE-2024-10482
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Published Nov 21, 2024
Updated: Nov 22, 2024
Summary
CVE-2024-11334 is a vulnerability affecting the My Contador lesr plugin for WordPress. The issue lies in the exportar_registros() function, which lacks sufficient capability checks. This oversight allows unauthenticated attackers to export user data, posing a significant risk to privacy and security. Versions of the plugin up to and including 2.0 are vulnerable to this unauthorized data access. WordPress users are advised to update their plugins to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share