CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cmorillas1: >> External Database Based Actions Security Vulnerabilities

CVE-2024-10311

The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. This is due to a missing capability check in the 'edba_admin_handle' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin settings and log in as any existing user on the site, such as an administrator.

CVSS Score

7.5

EPSS Score

0.002

Published

2024-11-15

Page 1

Vulnerabilities

Vulnerable Software

Cmorillas1: >> External Database Based Actions Security Vulnerabilities

Products

Pricing

Contact Us