cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10861,https://securityvulnerability.io/vulnerability/CVE-2024-10861,Unauthorized Data Modification Vulnerability in The Popup Box Plugin,"The Popup Box – Create Countdown, Coupon, Video, Contact Form Popups plugin for WordPress has a design flaw that results in unauthorized modification of critical plugin settings. The vulnerability arises from a lack of proper capability checks in the deactivate_plugin_option() function. As a result, attackers who do not possess authentication can exploit this flaw to manipulate the 'ays_pb_upgrade_plugin' option, potentially leading to arbitrary changes in the plugin's configuration and behavior across all versions up to and including 4.9.7.",Wordpress,"Popup Box – Create Countdown, Coupon, Video, Contact Form Popups",5.3,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-11-16T03:15:00.000Z,0