cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-7493,https://securityvulnerability.io/vulnerability/CVE-2024-7493,UnAuthenticated Privilege Escalation in WPCOM Member Plugin,"The WPCOM Member plugin for WordPress is susceptible to a privilege escalation flaw. This vulnerability is present in all versions up to and including 1.5.2.1. It arises from the plugin's mishandling of data during the registration process, specifically allowing unsanitized data to be passed to the wp_insert_user() function. Consequently, unauthenticated attackers can exploit this flaw to elevate their user roles to that of an administrator, thereby gaining unauthorized access to sensitive areas of the website and performing actions at an elevated privilege level.",Wordpress,WPcom Member,9.8,CRITICAL,0.000910000002477318,false,,false,false,false,,,false,false,,2024-09-06T13:55:20.451Z,0