CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Parorrey: Security Vulnerabilities

CVE-2024-6624

The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin requires the JSON API plugin to also be installed.

CVSS Score

9.8

EPSS Score

0.254

Published

2024-07-11

Page 1

Vulnerabilities

Vulnerable Software

Parorrey: Security Vulnerabilities

Products

Pricing

Contact Us