CVE-2024-49680
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 19, 2024
CWE ID 862
Summary
CVE-2024-49680 is a vulnerability affecting the Rextheme WP VR plugin. It involves a missing authorization feature, allowing unauthorized access to functions or data. The vulnerability arises due to incorrectly configured access control security levels. This issue poses a risk for WP VR versions from n/a to 8.5.5. Successful exploitation could result in significant data exposure or unauthorized modifications. It is advised that users upgrade to the latest version or apply relevant patches to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share