CVE-2024-54241

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Dec 13, 2024
CWE ID 862

Summary

CVE-2024-54241 is aMissing Authorization vulnerability affecting the Appsbd Elite Notification plugin, which includes Sales Popup, Social Proof, FOMO, and WooCommerce Notification features. The flaw enables unauthorized access by exploiting incorrectly configured security levels, potentially allowing attackers to manipulate notifications and gain unintended functionality. This issue affects plugin versions from 1.5 through n/a. Organizations using these plugins are advised to apply necessary security patches and updates to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share