CVE-2024-1745
Testimonial Slider < 2.3.7 - Author+ Settings Update
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
26 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least the Author role to edit them.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected products
Unknown · Testimonial Slider