CVE-2024-39640 – WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-39640

Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9. The WP Social Feed Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_add_account() function in versions up to, and including, 4.3.9. This makes it possible for unauthenticated attackers to connect an account. • https://patchstack.com/database/vulnerability/insta-gallery/wordpress-social-feed-gallery-plugin-4-3-9-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •