{"vulnerability": "cve-2024-8853", "sightings": [{"uuid": "6d036879-a370-4835-9e7b-971dcab7cb4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8853", "type": "seen", "source": "https://t.me/cvedetector/6100", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8853 - Webo-Facto WordPress Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-8853 \nPublished : Sept. 20, 2024, 8:15 a.m. | 17\u00a0minutes ago \nDescription : The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a username that contains '-wfuser'. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T10:33:29.000000Z"}]}