CVE-2024-43998

Name of the Vulnerable Software and Affected Versions WebsiteinWP Blogpoet versions 1.0.3 and earlier

Description The issue is related to missing authorization in the Blogpoet theme, allowing access to functionality not properly constrained by Access Control Lists (ACLs). This means that certain features or areas of the website can be accessed without the necessary permissions, potentially leading to unauthorized actions.

Recommendations For versions 1.0.3 and earlier, update to a version that includes proper ACL constraints to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.