CVE-2024-2702

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-2702
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.

8.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve Third Party Advisory
https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:olivethemes:olive_one_click_demo_import:*:*:*:*:*:wordpress:*:*
History

28 Apr 2026, 19:23

Type Values Removed Values Added
Summary (en) Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. (en) Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.

07 May 2025, 01:34

Type Values Removed Values Added
CPE cpe:2.3:a:olivethemes:olive_one_click_demo_import:*:*:*:*:*:wordpress:*:*
First Time Olivethemes
Olivethemes olive One Click Demo Import
References () https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve - Third Party Advisory

21 Nov 2024, 09:10

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de autorización faltante en Olive Themes Olive One Click Demo Import permite importar configuraciones y datos, lo que en última instancia conduce a XSS. Este problema afecta a Olive One Click Demo Import: desde n/a hasta 1.1.1.
References () https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve -

20 Mar 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-20 10:15

Updated : 2026-04-28 19:23

NVD link : CVE-2024-2702

Mitre link : CVE-2024-2702

CVE.ORG link : CVE-2024-2702

JSON object : View

Products Affected

olivethemes

  • olive_one_click_demo_import
CWE
CWE-862

Missing Authorization