CVE-2024-31358

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 10, 2024

CWE ID 862

Summary

CVE-2024-31358 is a newly identified vulnerability affecting the 5 Stars Rating Funnel component of Saleswonder.Biz, versions n/a through 1.2.67. This issue involves a missing authorization control, enabling unauthorized users to access or modify data they should not have permission to reach. This potential security breach poses a significant risk, as unauthorized access can lead to data manipulation, unintended actions, and potential data exfiltration. Organizations utilizing the Saleswonder.Biz 5 Stars Rating Funnel are encouraged to update to a patched version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vTu-TG
https://www.cve.org/CVERecord?id=CVE-2024-31358
https://nvd.nist.gov/vuln/detail/CVE-2024-31358

Back to Vulnerability Database

CVE-2024-31358

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations