PT-2024-28151 · Wpdeveloper · Wpdeveloper Embedpress

Rafie Muhammad

Published

2024-11-01

Updated

2025-03-24

CVE-2024-38707

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions WPDeveloper EmbedPress versions through 4.0.4

Description The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels.

Recommendations For WPDeveloper EmbedPress versions through 4.0.4, update to a version later than 4.0.4 to resolve the issue.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2024-38707

Affected Products

Wpdeveloper Embedpress

PT-2024-28151 · Wpdeveloper · Wpdeveloper Embedpress

CVE-2024-38707

Weakness Enumeration

Related Identifiers

Affected Products

References · 5