CVE-2024-31432 – WordPress Restrict Content plugin <= 3.2.8 - Broken Access Control vulnerability

https://notcve.org/view.php?id=CVE-2024-31432

Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8. Vulnerabilidad de falta de autorización en contenido restringido de StellarWP. Este problema afecta el contenido restringido: desde n/a hasta 3.2.8. The Restrict Content plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the update_opt_in_get_status() function in versions up to, and including, 3.2.8. This makes it possible for unauthenticated attackers to update opt in status. • https://patchstack.com/database/vulnerability/restrict-content/wordpress-restrict-content-plugin-3-2-8-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •