CVE-2024-7291

NVD Published Date: August 03, 2024 at 07:16 AM
NVD Last Modified: August 05, 2024 at 12:41 PM
Download Patch
Vulnerability ID
CVE-2024-7291
Severity
None
Severity Score
None
Summary
The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.3.4.1. This is due to improper restriction on user meta fields. This makes it possible for authenticated attackers, with administrator-level and above permissions, to register as super-admins on the sites configured as multi-sites.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
None
CWE ID
None

Recent Publish

CVE-2024-7031

CVE-2024-7356

CVE-2024-7257

CVE-2024-6872

CVE-2024-6709

2024-07 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10 Version 22H2 for ARM64 (KB5041355)

See SecOps Solution
in action

Schedule Demo