PT-2024-24902 · Unknown · Giveaways/Contests By Rafflepress

Brandon Roldan

Published

2024-05-17

Updated

2024-05-18

CVE-2024-32827

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions RafflePress Giveaways and Contests versions 1.12.7 and earlier

Description The issue is an Authentication Bypass by Spoofing vulnerability that allows Functionality Bypass.

Recommendations For versions 1.12.7 and earlier, update to a version later than 1.12.7 to resolve the issue. At the moment, there is no information about other mitigation measures for this issue.

Fix

Authentication Bypass by Spoofing

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290

Related Identifiers

CVE-2024-32827

Affected Products

Giveaways/Contests By Rafflepress

PT-2024-24902 · Unknown · Giveaways/Contests By Rafflepress

CVE-2024-32827

Weakness Enumeration

Related Identifiers

Affected Products

References · 5