1 results (0.003 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2024-39640 – WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-39640
Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9. The WP Social Feed Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_add_account() function in versions up to, and including, 4.3.9. This makes it possible for unauthenticated attackers to connect an account. • https://patchstack.com/database/vulnerability/insta-gallery/wordpress-social-feed-gallery-plugin-4-3-9-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •