CVE-2024-1715

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-1715
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-34802. Reason: This candidate is a duplicate of CVE-2024-34802. Notes: All CVE users should reference CVE-2024-34802 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

02 Aug 2024, 15:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.3 		v2 : unknown
v3 : unknown
CWE CWE-862
References
  • {'url': 'https://plugins.trac.wordpress.org/browser/adfoxly/trunk/includes/class-adfoxly-ajax.php#L80', 'source': 'security@wordfence.com'}
  • {'url': 'https://www.wordfence.com/threat-intel/vulnerabilities/id/84792202-d089-4dca-b950-16aea968c58e?source=cve', 'source': 'security@wordfence.com'}
Summary
  • (es) El complemento AdFoxly – Ad Manager, AdSense Ads & Ads.txt para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función adfoxly_ad_status() en todas las versiones hasta la 1.8.5 incluida. Esto hace posible que atacantes no autenticados habiliten y deshabiliten anuncios.
Summary (en) The AdFoxly – Ad Manager, AdSense Ads & Ads.txt plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the adfoxly_ad_status() function in all versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to enable and disable ads. (en) Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-34802. Reason: This candidate is a duplicate of CVE-2024-34802. Notes: All CVE users should reference CVE-2024-34802 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

01 Aug 2024, 12:42

Type Values Removed Values Added
New CVE
Information

Published : 2024-08-01 04:15

Updated : 2024-08-02 15:16

NVD link : CVE-2024-1715

Mitre link : CVE-2024-1715

CVE.ORG link : CVE-2024-1715

JSON object : View

Products Affected

No product.

CWE

No CWE.