Vulnerability CVE-2021-24215


Published: 2021-04-12

Description:
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
m0ze
23.03.2021

Type:

CWE-284

(Improper Access Control)

 References:
https://m0ze.ru/vulnerability/[2021-03-18]-[WordPress]-[CWE-284]-Controlled-Admin-Access-WordPress-Plugin-v1.4.0.txt
https://wpscan.com/vulnerability/eec0f29f-a985-4285-8eed-d1855d204a20

Copyright 2024, cxsecurity.com

 

Back to Top