Severity
High
Analysis Summary
CVE-2024-52437 CVSS:8.8
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System allows Privilege Escalation.This issue affects Banner System: from n/a through 1.0.0.
CVE-2024-52442 CVSS:9.8
Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation.This issue affects UserPlus: from n/a through 2.0.
CVE-2024-52451 CVSS:8.2
Cross-Site Request Forgery (CSRF) vulnerability in Aaron Robbins Post Ideas allows SQL Injection.This issue affects Post Ideas: from n/a through 2.
Impact
- Privilege Escalation
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2024-52437
- CVE-2024-52442
- CVE-2024-52451
Affected Vendors
WordPress
Affected Products
- Saul Morales Pacheco Banner System - n/a
- Userplus UserPlus - n/a
- Aaron Robbins Post Ideas - n/a
Remediation
Upgrade to the latest version, available from the WordPress Plugin Directory.