CVE-2024-50487

Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API allows Authentication Bypass.This issue affects MaanStore API: from n/a through 1.0.1.
Configurations

Configuration 1 (hide)

cpe:2.3:a:maantheme:maanstore_api:*:*:*:*:*:wordpress:*:*

History

31 Oct 2024, 00:17

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo en MaanTheme La API de MaanStore permite la omisión de autenticación. Este problema afecta a la API de MaanStore: desde n/a hasta 1.0.1.
First Time Maantheme
Maantheme maanstore Api
CWE CWE-306
CPE cpe:2.3:a:maantheme:maanstore_api:*:*:*:*:*:wordpress:*:*
References () https://patchstack.com/database/vulnerability/maanstore-api/wordpress-maanstore-api-plugin-1-0-1-account-takeover-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/maanstore-api/wordpress-maanstore-api-plugin-1-0-1-account-takeover-vulnerability?_s_id=cve - Third Party Advisory

28 Oct 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-28 12:15

Updated : 2024-10-31 00:17


NVD link : CVE-2024-50487

Mitre link : CVE-2024-50487

CVE.ORG link : CVE-2024-50487


JSON object : View

Products Affected

maantheme

  • maanstore_api
CWE
CWE-306

Missing Authentication for Critical Function

CWE-288

Authentication Bypass Using an Alternate Path or Channel