CVE-2024-33929

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published May 3, 2024

CWE ID 862

Summary

CVE-2024-33929 is a Missing Authorization vulnerability that affects the wpWax Directorist plugin. Specifically, this issue permits unauthorized access to certain functionalities within versions 7.8.6 and prior. An attacker can exploit this flaw to gain unintended access, potentially leading to data compromise or unintended modifications. It is crucial for users running the affected versions to update to the latest patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vq6cxZ
https://www.cve.org/CVERecord?id=CVE-2024-33929
https://nvd.nist.gov/vuln/detail/CVE-2024-33929

Back to Vulnerability Database

CVE-2024-33929

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations