CVE-2024-11350 [CRITICAL] :

The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.

MakeUseOf

article
technology
tutorial

MakeUseOf was founded in 2006 and acquired and owned by Valnet Inc. since 2020., MUO is one of the largest online technology publications that millions of readers every turn to every month for expert tech guidance. We also have hundreds of thousands of fans across social media on Instagram, Facebook, X (Twitter), and Pinterest.

Visit Website

Listed: Sun Jun 23 2024