CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Sitesao: >> Dhvc Form Security Vulnerabilities

CVE-2024-8420

The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.7. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an administrator on sites.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-02-28

Page 1

Vulnerabilities

Vulnerable Software

Sitesao: >> Dhvc Form Security Vulnerabilities

Products

Pricing

Contact Us