CVE-2024-0780

Summary

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action

Affected Software

VendorProductVersion RangeStatus
UnknownEnjoy Social Feed plugin for WordPress website0 <= 6.2.2affected

Weaknesses

  • CWE-862 Missing Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References