CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-11334

The My Contador lesr plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportar_registros() function in all versions up to, and including, 2.0. This makes it possible for unauthenticated attackers to export user data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.6%

CVSS Severity

CVSS v3 Score 4.3

References

https://plugins.trac.wordpress.org/browser/my-contador-wp/trunk/contador.php#L159
https://plugins.trac.wordpress.org/changeset/3191748/my-contador-wp/trunk/contador.php
https://www.wordfence.com/threat-intel/vulnerabilities/id/82cfeff9-7079-408e-9c22-bae0d45000ed?source=cve

Products affected by CVE-2024-11334

Nes360 » My Contador Lesr » Version: N/A

cpe:2.3:a:nes360:my_contador_lesr:-
Nes360 » My Contador Lesr » Version: 1.0

cpe:2.3:a:nes360:my_contador_lesr:1.0
Nes360 » My Contador Lesr » Version: 1.1

cpe:2.3:a:nes360:my_contador_lesr:1.1
Nes360 » My Contador Lesr » Version: 1.2

cpe:2.3:a:nes360:my_contador_lesr:1.2
Nes360 » My Contador Lesr » Version: 2.0

cpe:2.3:a:nes360:my_contador_lesr:2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11334

Products

Pricing

Contact Us