PT-2024-33469 · WordPress · Wp Rest Api Fns
Stealthcopter
·
Published
2024-10-20
·
Updated
2025-01-11
·
CVE-2024-49328
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WP REST API FNS versions 1.0.0 and earlier
Description
There is an Authentication Bypass Using an Alternate Path or Channel issue in WP REST API FNS, allowing users to bypass authentication. This lets users gain unauthorized access.
Recommendations
For WP REST API FNS versions 1.0.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
LPE
Missing Authentication
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wp Rest Api Fns