CVE-2024-0596

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Feb 10, 2024

Updated: Jun 10, 2024

CWE ID 862

Summary

CVE-2024-0596 is a vulnerability affecting the Awesome Support – WordPress HelpDesk & Support Plugin. This issue allows authenticated attackers with subscriber-level access or higher to gain unauthorized access to data. Specifically, the editor_html() function in all plugin versions up to 6.1.7 is missing a capability check, enabling attackers to view password-protected and draft posts. This vulnerability poses a significant risk to WordPress sites using the Awesome Support plugin and underscores the importance of keeping plugins updated to mitigate potential security threats.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uKl7x0
https://www.cve.org/CVERecord?id=CVE-2024-0596
https://nvd.nist.gov/vuln/detail/CVE-2024-0596

Back to Vulnerability Database

CVE-2024-0596

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations