cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12402,https://securityvulnerability.io/vulnerability/CVE-2024-12402,Privilege Escalation Vulnerability in Themes Coder Plugin for WordPress,"The Themes Coder plugin for WordPress is subject to a privilege escalation vulnerability that allows unauthenticated attackers to modify user passwords without proper identity validation. This flaw arises from the plugin's failure to correctly validate a user's identity during the password update process in the update_user_profile() function. As a result, attackers can exploit this weakness to change the passwords of any user, including administrators, effectively leading to unauthorized account access and control. Users are advised to update to the latest version to mitigate this risk.",Wordpress,Themes Coder – Create Android & iOS Apps For Your WooCommerce Site,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,false,false,false,,2025-01-07T03:21:53.748Z,0