CVE-2024-33547

EUVD-2024-31284
Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.3 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
PatchstackCNA
8.3 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
Affected Products (NVD)
VendorProductVersion
aa-teamwzone
𝑥
≤ 14.0.33
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-site-wide-broken-access-control-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-site-wide-broken-access-control-vulnerability?_s_id=cve