cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10783,https://securityvulnerability.io/vulnerability/CVE-2024-10783,Unauthenticated Attackers Can Escalate Privileges in MainWP Child Plugin,"A privilege escalation vulnerability exists in the MainWP Child plugin for WordPress, affecting all versions up to and including 5.2. This vulnerability stems from missing authorization checks in the register_site function, particularly when a site remains in an unconfigured state. Unauthenticated attackers can potentially exploit this flaw to log in as an administrator on sites where the MainWP Child plugin is installed but not connected to the MainWP Dashboard. Notably, sites employing the unique security ID feature or already connected to the dashboard are not impacted. Version 5.2.1 provides a partial fix, while version 5.3 offers a complete resolution to the vulnerability.",Wordpress,MainWP Child – Securely Connects To The MainWP Dashboard To Manage Multiple Sites,8.1,HIGH,0.0009899999713525176,false,,false,false,false,,false,false,2024-12-13T09:27:29.034Z,0