CVE-2024-56048

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 18, 2024

CWE ID 862

Summary

CVE-2024-56048 is a security vulnerability affecting VibeThemes WPLMS. It involves a Missing Authorization issue, which allows unauthorized access to functionality that is not adequately constrained by Access Control Lists (ACLs). This vulnerability can be exploited by attackers to gain privileged access, potentially leading to data breaches or system compromise. The issue affects WPLMS versions from n/a through 1.9.9. It is essential for users to patch their systems promptly to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WP LMS

Affected Vendors

Proofpoint, Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1lpd25
https://www.cve.org/CVERecord?id=CVE-2024-56048
https://nvd.nist.gov/vuln/detail/CVE-2024-56048

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners