CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9685

The Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nftb_test_action' function in versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to send a test message via the Telegram Bot API to all users configured in the settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.9%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2024-9685

Andreamarinucci » Notification For Telegram » Version: N/A

cpe:2.3:a:andreamarinucci:notification_for_telegram:-
Andreamarinucci » Notification For Telegram » Version: 1.0

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.0
Andreamarinucci » Notification For Telegram » Version: 1.1

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.1
Andreamarinucci » Notification For Telegram » Version: 1.2

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.2
Andreamarinucci » Notification For Telegram » Version: 1.3

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.3
Andreamarinucci » Notification For Telegram » Version: 1.4

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.4
Andreamarinucci » Notification For Telegram » Version: 1.6

cpe:2.3:a:andreamarinucci:notification_for_telegram:1.6
Andreamarinucci » Notification For Telegram » Version: 2.0

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.0
Andreamarinucci » Notification For Telegram » Version: 2.2

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.2
Andreamarinucci » Notification For Telegram » Version: 2.3

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.3
Andreamarinucci » Notification For Telegram » Version: 2.4

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.4
Andreamarinucci » Notification For Telegram » Version: 2.5

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.5
Andreamarinucci » Notification For Telegram » Version: 2.6

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.6
Andreamarinucci » Notification For Telegram » Version: 2.7

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.7
Andreamarinucci » Notification For Telegram » Version: 2.8

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.8
Andreamarinucci » Notification For Telegram » Version: 2.9

cpe:2.3:a:andreamarinucci:notification_for_telegram:2.9
Andreamarinucci » Notification For Telegram » Version: 3.0

cpe:2.3:a:andreamarinucci:notification_for_telegram:3.0
Andreamarinucci » Notification For Telegram » Version: 3.1

cpe:2.3:a:andreamarinucci:notification_for_telegram:3.1
Andreamarinucci » Notification For Telegram » Version: 3.2

cpe:2.3:a:andreamarinucci:notification_for_telegram:3.2
Andreamarinucci » Notification For Telegram » Version: 3.3

cpe:2.3:a:andreamarinucci:notification_for_telegram:3.3
Andreamarinucci » Notification For Telegram » Version: 3.3.1

cpe:2.3:a:andreamarinucci:notification_for_telegram:3.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9685

Products

Pricing

Contact Us