CVE-2024-38690

Name of the Vulnerable Software and Affected Versions Avirtum iPanorama 360 WordPress Virtual Tour Builder versions 1.8.3 and earlier

Description The issue affects the Avirtum iPanorama 360 WordPress Virtual Tour Builder, allowing access to functionality not properly constrained by Access Control Lists (ACLs). This means that certain features or data may be accessible without the necessary permissions.

Recommendations For Avirtum iPanorama 360 WordPress Virtual Tour Builder versions 1.8.3 and earlier, update to a version that includes the necessary access controls to properly constrain functionality. At the moment, there is no information about a newer version that contains a fix for this vulnerability.