CVE-2024-12470 [CRITICAL] :

The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. This is due to the registration function not properly limiting what roles a user can register as. This makes it possible for unauthenticated attackers to register as an administrative user.

Morphisec Blog

blog
news

Cybersecurity trends and news, with info about Morphisec, breach prevention, and zero trust endpoint, server, and workload security.

Visit Website

Listed: Fri Jun 28 2024