CVE-2024-9697
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-9697 is a vulnerability affecting the Social Rocket – Social Sharing Plugin for WordPress. This issue allows authenticated attackers, with Subscriber-level access and above, to manipulate plugin settings bypassing the necessary capability checks on the tweet_settings_save() and tweet_settings_update() functions. Consequently, attackers can unauthorized modify data in all versions up to and including 1.3.4 of the plugin. This vulnerability poses a risk to the data integrity and security of WordPress websites using the Social Rocket plugin. It is recommended that users update the plugin to the latest version as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.