CVE-2024-0780

Published: Mar 18, 2024Modified: Jun 17, 2026

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation when resetting its database, allowing any authenticated users, such as subscriber to perform such action

Affected (1)

Products: Mediabetaprojects: Enjoy Social Feed

Mediabetaprojects

1 product

Enjoy Social Feed

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mediabetaprojects Enjoy Social Feed	Up to 6.2.2

Related CWEs

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/be3045b1-72e6-450a-8dd2-4702a9328447/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.