CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54310 – WordPress Gou Manage My Account Menu plugin <= 1.0.1.8 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-54310
11 Dec 2024 — Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through 1.0.1.8. The Gou Manage My Account Menu plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the gwat_delete_endpoints() function in versions up to, and including, 1.0.1.8. This makes it possible for unauthenticated attackers to modify plugin s... • https://patchstack.com/database/wordpress/plugin/gou-wc-account-tabs/vulnerability/wordpress-gou-manage-my-account-menu-plugin-1-0-1-8-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •