CVE-2024-53826

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 6, 2024
CWE ID 862

Summary

CVE-2024-53826 is a newly disclosed vulnerability affecting the WPSight plugin for WPCasa. This missing authorization issue permits unauthorized access to functionality, bypassing Access Control Lists (ACLs). This security flaw poses a significant risk as it allows unauthenticated users to access restricted areas within WPCasa versions 1.2.13 and below. Successful exploitation could result in unintended modifications or unauthorized actions, jeopardizing the security and integrity of the affected system. Immediate patching is recommended for all WPCasa users running versions vulnerable to this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share