CVE-2024-49328

Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vivektamrakar:wp_rest_api_fns:*:*:*:*:*:wordpress:*:*

History

23 Oct 2024, 17:08

Type Values Removed Values Added
CWE CWE-306
References () https://patchstack.com/database/vulnerability/rest-api-fns/wordpress-wp-rest-api-fns-plugin-plugin-1-0-0-account-takeover-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/rest-api-fns/wordpress-wp-rest-api-fns-plugin-plugin-1-0-0-account-takeover-vulnerability?_s_id=cve - Third Party Advisory
CPE cpe:2.3:a:vivektamrakar:wp_rest_api_fns:*:*:*:*:*:wordpress:*:*
First Time Vivektamrakar
Vivektamrakar wp Rest Api Fns

21 Oct 2024, 17:09

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo en Vivek Tamrakar WP REST API FNS permite la omisión de autenticación. Este problema afecta a WP REST API FNS: desde n/a hasta 1.0.0.

20 Oct 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-20 08:15

Updated : 2024-10-23 17:08


NVD link : CVE-2024-49328

Mitre link : CVE-2024-49328

CVE.ORG link : CVE-2024-49328


JSON object : View

Products Affected

vivektamrakar

  • wp_rest_api_fns
CWE
CWE-306

Missing Authentication for Critical Function

CWE-288

Authentication Bypass Using an Alternate Path or Channel