CVE-2024-52382 – WordPress Matix Popup Builder plugin <= 1.0.0 - Arbitrary Option Update to Privilege Escalation vulnerability

https://notcve.org/view.php?id=CVE-2024-52382

11 Nov 2024 — Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through 1.0.0. The Matix Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on a function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be... • https://github.com/RandomRobbieBF/CVE-2024-52382 • CWE-862: Missing Authorization •