CVE-2024-31366

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Apr 9, 2024

CWE ID 862

Summary

CVE-2024-31366 is a security vulnerability affecting Themify Post Type Builder (PTB) from versions n/a through 2.0.8. This issue involves a missing authorization check, which could allow unauthorized users to access and manipulate certain functionalities within the plugin. The exact implications of this vulnerability are still being assessed, but it poses a significant risk to websites utilizing the affected versions of PTB, potentially leading to data breaches or unintended modifications. It is strongly recommended that users upgrade to the latest version of PTB as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vSJl0h
https://www.cve.org/CVERecord?id=CVE-2024-31366
https://nvd.nist.gov/vuln/detail/CVE-2024-31366

Back to Vulnerability Database

CVE-2024-31366

CVSS 3.1 Score 7.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations