PT-2024-34191 · WordPress · Bold Page Builder
Trương Hữu Phúc
·
Published
2024-11-19
·
Updated
2025-01-08
·
CVE-2024-50417
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Bold Page Builder versions through 5.1.3
Description:
The issue is related to missing authorization, allowing exploitation of incorrectly configured access control security levels. This could potentially lead to site compromise.
Recommendations:
For versions through 5.1.3, update the plugin immediately to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the site to minimize the risk of exploitation.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bold Page Builder