CVE-2024-31290 – WordPress Demo My WordPress plugin <= 1.0.9.1 - Unauthenticated Privilege Escalation vulnerability

https://notcve.org/view.php?id=CVE-2024-31290

Improper Privilege Management vulnerability in CodeRevolution Demo My WordPress allows Privilege Escalation.This issue affects Demo My WordPress: from n/a through 1.0.9.1. Vulnerabilidad de gestión de privilegios incorrecta en CodeRevolution Demo My WordPress permite la escalada de privilegios. Este problema afecta a Demo My WordPress: desde n/a hasta 1.0.9.1. The Demo My WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.9.1. This is due to insufficient verification on privilege assignment. • https://patchstack.com/database/vulnerability/demo-my-wordpress/wordpress-demo-my-wordpress-plugin-1-0-9-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •