CVE-2024-1763

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Mar 13, 2024

Summary

CVE-2024-1763 is a vulnerability affecting the Wp Social Login and Register Social Counter plugin for WordPress. The issue lies in the /wp_social/v1/ REST API endpoint, which lacks proper capability checks. This oversight enables unauthenticated attackers to modify data, specifically enabling and disabling certain providers for social share and login features. This vulnerability can potentially impact the functionality and security of affected WordPress websites and should be addressed promptly by updating to the latest version of the plugin.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/unSWlx
https://www.cve.org/CVERecord?id=CVE-2024-1763
https://nvd.nist.gov/vuln/detail/CVE-2024-1763

Back to Vulnerability Database

CVE-2024-1763

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations