CWE-266
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
CVE-2024-22303 (GCVE-0-2024-22303)
Vulnerability from cvelistv5 – Published: 2024-09-17 13:38 – Updated: 2026-04-28 16:09
VLAI
Title
WordPress Houzez theme <= 3.2.4 - Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 3.2.4.
Severity
8.8 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/hou… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| favethemes | Houzez |
Affected:
n/a , ≤ 3.2.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:favethemes:houzez:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "houzez",
"vendor": "favethemes",
"versions": [
{
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-17T15:45:12.834765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T16:09:02.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Houzez",
"vendor": "favethemes",
"versions": [
{
"changes": [
{
"at": "3.3.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "luc (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in favethemes Houzez allows Privilege Escalation.\u003cp\u003eThis issue affects Houzez: from n/a through 3.2.4.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 3.2.4."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:09:09.480Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/houzez/wordpress-houzez-theme-3-2-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 3.3.0 or a higher version."
}
],
"value": "Update to 3.3.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Houzez theme \u003c= 3.2.4 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-22303",
"datePublished": "2024-09-17T13:38:02.807Z",
"dateReserved": "2024-01-08T20:58:59.274Z",
"dateUpdated": "2026-04-28T16:09:09.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-23794 (GCVE-0-2024-23794)
Vulnerability from cvelistv5 – Published: 2024-07-15 07:14 – Updated: 2024-08-01 23:13
VLAI
Title
Agents are able to lock the ticket without the "Owner" permission
Summary
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration.This issue affects OTRS:
* 8.0.X
* 2023.X
* from 2024.X through 2024.4.x
Severity
5.2 (Medium)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
Impacted products
Date Public
2024-07-15 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23794",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T14:46:31.889829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-17T14:27:36.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:07.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"inline editing"
],
"product": "OTRS",
"vendor": "OTRS AG",
"versions": [
{
"status": "affected",
"version": "8.0.x"
},
{
"status": "affected",
"version": "2023.x"
},
{
"lessThanOrEqual": "2024.4.x",
"status": "affected",
"version": "2024.x",
"versionType": "Patch"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\u003cbr\u003e\u003ch2\u003e\u003cbr\u003e\u003c/h2\u003e\u003cbr\u003e"
}
],
"value": "The sub setting RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch has to be activated by an administrator first and Ticket::Permission###1-OwnerCheck is enabled (default)\n\n"
}
],
"datePublic": "2024-07-15T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.\u003cp\u003eThis issue affects OTRS:\u0026nbsp;\u003c/p\u003e\u003cul\u003e\u003cli\u003e8.0.X\u003c/li\u003e\u003cli\u003e2023.X\u003c/li\u003e\u003cli\u003efrom 2024.X through 2024.4.x\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.This issue affects OTRS:\u00a0\n\n * 8.0.X\n * 2023.X\n * from 2024.X through 2024.4.x\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T10:41:01.694Z",
"orgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"shortName": "OTRS"
},
"references": [
{
"url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to OTRS 2024.5.2\u003cbr\u003e"
}
],
"value": "Update to OTRS 2024.5.2\n"
}
],
"source": {
"advisory": "OSA-2024-06",
"defect": [
"Issue#2409",
"Ticket#2024042342000433"
],
"discovery": "USER"
},
"title": "Agents are able to lock the ticket without the \"Owner\" permission",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\u003cbr\u003e"
}
],
"value": "deactivate RequiredLock of AgentFrontend::Ticket::InlineEditing::Property###Watch or disable Ticket::Permission###1-OwnerCheck\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e1bf29f-dc29-4ed8-830c-7b9348b6f0e8",
"assignerShortName": "OTRS",
"cveId": "CVE-2024-23794",
"datePublished": "2024-07-15T07:14:09.557Z",
"dateReserved": "2024-01-22T10:32:00.705Z",
"dateUpdated": "2024-08-01T23:13:07.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23976 (GCVE-0-2024-23976)
Vulnerability from cvelistv5 – Published: 2024-02-14 16:30 – Updated: 2024-08-01 23:13
VLAI
Title
BIG-IP Appliance mode iAppsLX vulnerability
Summary
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance
mode restrictions utilizing iAppsLX templates on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
Severity
6 (Medium)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://my.f5.com/manage/s/article/K91054692 | vendor-advisory |
Impacted products
Date Public
2024-02-14 15:00
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:f5:big-ip:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "big-ip",
"vendor": "f5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0",
"versionType": "custom"
},
{
"lessThan": "15.1.9",
"status": "affected",
"version": "15.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:29:49.640013Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-30T17:56:07.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:13:08.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://my.f5.com/manage/s/article/K91054692"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Appliance Mode"
],
"product": "BIG-IP",
"vendor": "F5",
"versions": [
{
"lessThan": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
},
{
"lessThan": "16.1.4",
"status": "affected",
"version": "16.1.0 ",
"versionType": "custom"
},
{
"lessThan": "15.1.9",
"status": "affected",
"version": "15.1.0 ",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "F5"
}
],
"datePublic": "2024-02-14T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance\u003cbr\u003emode restrictions utilizing iAppsLX templates on a BIG-IP system. \u0026nbsp;Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"value": "When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance\nmode restrictions utilizing iAppsLX templates on a BIG-IP system. \u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T16:30:20.173Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://my.f5.com/manage/s/article/K91054692"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "BIG-IP Appliance mode iAppsLX vulnerability",
"x_generator": {
"engine": "F5 SIRTBot v1.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2024-23976",
"datePublished": "2024-02-14T16:30:20.173Z",
"dateReserved": "2024-02-01T22:13:26.339Z",
"dateUpdated": "2024-08-01T23:13:08.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2409 (GCVE-0-2024-2409)
Vulnerability from cvelistv5 – Published: 2024-03-29 08:31 – Updated: 2026-04-08 17:09
VLAI
Title
MasterStudy LMS <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action
Summary
The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.1. This is due to insufficient validation checks within the _register_user() function called by the 'wp_ajax_nopriv_stm_lms_register' AJAX action. This makes it possible for unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled.
Severity
9.8 (Critical)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| stylemix | MasterStudy LMS WordPress Plugin – for Online Courses and Education |
Affected:
0 , ≤ 3.3.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94736152-b365-4b3a-a786-ed49f7d0fc7a?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.stylemixthemes.com/masterstudy-lms/changelog-free-version#id-3.3.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3059676/masterstudy-lms-learning-management-system"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "masterstudy_lms",
"vendor": "stylemixthemes",
"versions": [
{
"lessThan": "3.3.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2409",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T18:33:47.419360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T18:34:51.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Education",
"vendor": "stylemix",
"versions": [
{
"lessThanOrEqual": "3.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hiroho Shimada"
}
],
"descriptions": [
{
"lang": "en",
"value": "The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.1. This is due to insufficient validation checks within the _register_user() function called by the \u0027wp_ajax_nopriv_stm_lms_register\u0027 AJAX action. This makes it possible for unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:09:52.197Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/94736152-b365-4b3a-a786-ed49f7d0fc7a?source=cve"
},
{
"url": "https://docs.stylemixthemes.com/masterstudy-lms/changelog-free-version#id-3.3.2"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3059676/masterstudy-lms-learning-management-system"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-13T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-03-28T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "MasterStudy LMS \u003c= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-2409",
"datePublished": "2024-03-29T08:31:29.816Z",
"dateReserved": "2024-03-12T21:35:10.961Z",
"dateUpdated": "2026-04-08T17:09:52.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-24882 (GCVE-0-2024-24882)
Vulnerability from cvelistv5 – Published: 2024-05-17 08:48 – Updated: 2026-04-29 09:51
VLAI
Title
WordPress LMS by Masteriyo plugin <= 1.7.2 - Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.2.
Severity
9.8 (Critical)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| masteriyo | Masteriyo - LMS |
Affected:
0 , ≤ 1.7.2
(custom)
|
Date Public
2026-04-01 16:23
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:masteriyo:masteriyo:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "masteriyo",
"vendor": "masteriyo",
"versions": [
{
"lessThanOrEqual": "1.7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24882",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-17T14:39:27.460584Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-06T14:15:20.606Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:28:12.959Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/learning-management-system/wordpress-lms-by-masteriyo-plugin-1-7-2-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "learning-management-system",
"product": "Masteriyo - LMS",
"vendor": "masteriyo",
"versions": [
{
"changes": [
{
"at": "1.7.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Steven Julian | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:23:37.985Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.\u003cp\u003eThis issue affects Masteriyo - LMS: from n/a through \u003c= 1.7.2.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through \u003c= 1.7.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T09:51:52.669Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/learning-management-system/vulnerability/wordpress-lms-by-masteriyo-plugin-1-7-2-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress LMS by Masteriyo plugin \u003c= 1.7.2 - Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-24882",
"datePublished": "2024-05-17T08:48:42.875Z",
"dateReserved": "2024-02-01T10:26:29.010Z",
"dateUpdated": "2026-04-29T09:51:52.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-25632 (GCVE-0-2024-25632)
Vulnerability from cvelistv5 – Published: 2024-10-01 14:36 – Updated: 2024-10-01 15:00
VLAI
Title
Unauthorised granting of administrator privileges over arbitrary teams under certain circumstances
Summary
eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A user may be an administrator in one team and a regular user in another. The vulnerability allows a regular user to become administrator of a team where they are a member, under a reasonable configuration. Additionally, in eLabFTW versions subsequent to v5.0.0, the vulnerability may allow an initially unauthenticated user to gain administrative privileges over an arbitrary team. The vulnerability does not affect system administrator status. Users should upgrade to version 5.1.0. System administrators are advised to turn off local user registration, saml_team_create and not allow administrators to import users into teams, unless strictly required.
Severity
8.6 (High)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/elabftw/elabftw/security/advis… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T14:59:53.524677Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:00:01.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "elabftw",
"vendor": "elabftw",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.6.0, \u003c 5.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A user may be an administrator in one team and a regular user in another. The vulnerability allows a regular user to become administrator of a team where they are a member, under a reasonable configuration. Additionally, in eLabFTW versions subsequent to v5.0.0, the vulnerability may allow an initially unauthenticated user to gain administrative privileges over an arbitrary team. The vulnerability does not affect system administrator status. Users should upgrade to version 5.1.0. System administrators are advised to turn off local user registration, saml_team_create and not allow administrators to import users into teams, unless strictly required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-842",
"description": "CWE-842: Placement of User into Incorrect Group",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T14:36:50.451Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/elabftw/elabftw/security/advisories/GHSA-6m7p-gh9f-5mgg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/elabftw/elabftw/security/advisories/GHSA-6m7p-gh9f-5mgg"
}
],
"source": {
"advisory": "GHSA-6m7p-gh9f-5mgg",
"discovery": "UNKNOWN"
},
"title": "Unauthorised granting of administrator privileges over arbitrary teams under certain circumstances"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25632",
"datePublished": "2024-10-01T14:36:50.451Z",
"dateReserved": "2024-02-08T22:26:33.512Z",
"dateUpdated": "2024-10-01T15:00:01.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25633 (GCVE-0-2024-25633)
Vulnerability from cvelistv5 – Published: 2024-08-15 18:23 – Updated: 2024-08-19 13:29
VLAI
Title
In eLabFTW, if administrators can create users, users can too
Summary
eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts in their team. If the system has anonymous access enabled (disabled by default) an unauthenticated user can create regular users in any team. This vulnerability has been fixed since version 5.0.0, released on February 17th 2024. Some workarounds are available. Disabling both options that allow *administrators* to create users will provide a mitigation. Additionally, disabling anonymous user access will stop anonymous access (including using existing access keys).
Severity
5.4 (Medium)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/elabftw/elabftw/security/advis… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T18:37:47.354793Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T18:38:05.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "elabftw",
"vendor": "elabftw",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.4.0, \u003c 5.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "eLabFTW is an open source electronic lab notebook for research labs. In an eLabFTW system, one can configure who is allowed to create new user accounts. A vulnerability has been found starting in version 4.4.0 and prior to version 5.0.0 that allows regular users to create new, validated accounts in their team. If the system has anonymous access enabled (disabled by default) an unauthenticated user can create regular users in any team. This vulnerability has been fixed since version 5.0.0, released on February 17th 2024. Some workarounds are available. Disabling both options that allow *administrators* to create users will provide a mitigation. Additionally, disabling anonymous user access will stop anonymous access (including using existing access keys)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T13:29:47.792Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/elabftw/elabftw/security/advisories/GHSA-v677-8x8p-636v",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/elabftw/elabftw/security/advisories/GHSA-v677-8x8p-636v"
}
],
"source": {
"advisory": "GHSA-v677-8x8p-636v",
"discovery": "UNKNOWN"
},
"title": "In eLabFTW, if administrators can create users, users can too"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25633",
"datePublished": "2024-08-15T18:23:57.786Z",
"dateReserved": "2024-02-08T22:26:33.513Z",
"dateUpdated": "2024-08-19T13:29:47.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27273 (GCVE-0-2024-27273)
Vulnerability from cvelistv5 – Published: 2024-05-07 20:17 – Updated: 2024-08-02 00:27
VLAI
Title
IBM AIX privilege escalation
Summary
IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903.
Severity
8.1 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7150297 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aix",
"vendor": "ibm",
"versions": [
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:ibm:aix:3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aix",
"vendor": "ibm",
"versions": [
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27273",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:53:50.843116Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-23T17:02:15.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.896Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7150297"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284903"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AIX",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.2, 7.3, VIOS 3.1, VIOS 4.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Christian Kohlschuetter"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM AIX\u0027s Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903."
}
],
"value": "IBM AIX\u0027s Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-07T20:17:47.250Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7150297"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/284903"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM AIX privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-27273",
"datePublished": "2024-05-07T20:17:47.250Z",
"dateReserved": "2024-02-22T01:26:52.587Z",
"dateUpdated": "2024-08-02T00:27:59.896Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27275 (GCVE-0-2024-27275)
Vulnerability from cvelistv5 – Published: 2024-06-15 13:49 – Updated: 2025-09-29 15:04
VLAI
Title
IBM i privilege escalation
Summary
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support.
Severity
7.4 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7157637 | vendor-advisorypatch |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27275",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T03:56:01.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7157637"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/285203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "i",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.4"
},
{
"status": "affected",
"version": "7.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support."
}
],
"value": "IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. A local user without administrator privilege can configure a physical file trigger to execute with the privileges of a user socially engineered to access the target file. The correction is to require administrator privilege to configure trigger support."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T15:04:45.978Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7157637"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM i privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-27275",
"datePublished": "2024-06-15T13:49:32.863Z",
"dateReserved": "2024-02-22T01:26:52.587Z",
"dateUpdated": "2025-09-29T15:04:45.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-28000 (GCVE-0-2024-28000)
Vulnerability from cvelistv5 – Published: 2024-08-21 13:53 – Updated: 2026-04-29 09:51 X_Known Exploited Vulnerability
VLAI
Title
WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability
Summary
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through <= 6.3.0.1.
Severity
9.8 (Critical)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| LiteSpeed Technologies | LiteSpeed Cache |
Affected:
0 , ≤ 6.3.0.1
(custom)
|
Date Public
2026-04-22 14:38
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:litespeedtech:litespeed_cache:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "litespeed_cache",
"vendor": "litespeedtech",
"versions": [
{
"lessThanOrEqual": "6.3.0.1",
"status": "affected",
"version": "1.9",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28000",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T16:45:06.468347Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:49:04.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-06-17T18:44:02.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.exploit-db.com/exploits/52328"
},
{
"url": "https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html?m=1"
},
{
"url": "https://packetstorm.news/files/id/200819/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "litespeed-cache",
"product": "LiteSpeed Cache",
"vendor": "LiteSpeed Technologies",
"versions": [
{
"changes": [
{
"at": "6.4",
"status": "unaffected"
}
],
"lessThanOrEqual": "6.3.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "John Blackbourn | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-22T14:38:12.552Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.\u003cp\u003eThis issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through \u003c= 6.3.0.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-29T09:51:52.680Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/litespeed-cache/vulnerability/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve"
}
],
"tags": [
"x_known-exploited-vulnerability"
],
"title": "WordPress LiteSpeed Cache plugin \u003c= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2024-28000",
"datePublished": "2024-08-21T13:53:57.747Z",
"dateReserved": "2024-02-29T06:17:46.687Z",
"dateUpdated": "2026-04-29T09:51:52.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-17
Phases: Architecture and Design, Operation
Strategy: Environment Hardening
Description:
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.