CVE-2024-10696

{"id": "CVE-2024-10696", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2024-11-21T11:15:21.087", "references": [{"url": "https://plugins.trac.wordpress.org/browser/ultraaddons-elementor-lite/trunk/inc/wp/shortcode.php#L16", "tags": ["Product"], "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/719de6e5-29c5-4303-981d-81840939a0b1?source=cve", "tags": ["Third Party Advisory"], "source": "security@wordfence.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "The UltraAddons \u2013 Elementor Addons (Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.8 via the show_template due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to expose the contents of draft, private, and pending posts."}, {"lang": "es", "value": "El complemento UltraAddons \u2013 Elementor Addons (Header Footer Builder, Custom Font, Custom CSS, Woo Widget, Menu Builder, Anywhere Elementor Shortcode) para WordPress es vulnerable a una referencia directa a objetos insegura en todas las versiones hasta la 1.1.8 incluida a trav\u00e9s de show_template debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, expongan el contenido de publicaciones en borrador, privadas y pendientes."}], "lastModified": "2025-02-05T14:55:34.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:codeastrology:ultraaddons:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D692847-745A-4A32-B88B-005A1E9B80EC", "versionEndIncluding": "1.1.8"}], "operator": "OR"}]}], "sourceIdentifier": "security@wordfence.com"}