CVE-2024-49328

Published Oct 20, 2024

Last updated 25 days ago

CVSS critical 9.8

Overview

Description
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0.
Source
audit@patchstack.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

nvd@nist.gov
CWE-306
audit@patchstack.com
CWE-288

Social media

Hype score
Not currently trending

  1. #exploit 1. CVE-2024-49328 WP REST API FNS <= 1.0 - Privilege Escalation https://t.co/CaLIZIjpjx 2. CVE-2024-44258: Symlink Vulnerability in Apple ManagedConfiguration Framework https://t.co/WYpJ6ScnsY

    @ksg93rd

    7 Nov 2024

    45 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. #exploit 1. CVE-2024-49328 WP REST API FNS <= 1.0 - Privilege Escalation https://t.co/B2XQSmM1Si 2. CVE-2024-44258: Symlink Vulnerability in Apple ManagedConfiguration Framework https://t.co/ZSG5HB1MBI

    @akaclandestine

    7 Nov 2024

    1849 Impressions

    10 Retweets

    26 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-49328 Authentication Bypass Vulnerability in WP REST API FNS There is an Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS. This lets users bypass a... https://t.co/FIpsrjpPqp

    @VulmonFeeds

    20 Oct 2024

    61 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  4. [CVE-2024-49328: CRITICAL] Vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass using alternate path. Issue affects versions from n/a through 1.0.0. Cybersecurity alert!#cybersecurity,#vulnerability https://t.co/gsdPejulq7 https://t.co/kZTM0BAxkV

    @CveFindCom

    20 Oct 2024

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-49328 Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API F… https://t.co/XPOf6YJ8tW

    @CVEnew

    20 Oct 2024

    208 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References