CVE-2024-3828
EUVD-2024-3239814.05.2024, 15:42
The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated attackers, with author-level access and above, to create administrator-level accounts.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.